Skip to content

chore(deps-dev): bump @types/node from 18.19.67 to 18.19.68 in the types group #10667

chore(deps-dev): bump @types/node from 18.19.67 to 18.19.68 in the types group

chore(deps-dev): bump @types/node from 18.19.67 to 18.19.68 in the types group #10667

name: "Commit signatures"
on:
pull_request:
jobs:
check:
runs-on: ubuntu-latest
steps:
- name: Fetch commits
run: gh api "${{ github.event.pull_request._links.commits.href }}" | tee commits.json
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Filter unverified commits
run: jq '[.[].commit | select(.verification.verified == false)]' < commits.json | tee unverified-commits.json
- name: List unverified commits
run: jq '.[] | [{message, tree, author, committer, verification}]' < unverified-commits.json
- name: Result
run: |
COUNT="$(jq '. | length' < unverified-commits.json)"
if [[ "$COUNT" == "0" ]];
then
echo "✅ All commits are verified."
exit 0
fi
echo "❌ PR contains $COUNT unverified commit(s)!"
echo ""
echo "Please note that we require that all commits are signed."
echo "Please see the documentation about signed commits and how to sign yours on GitHub:"
echo "- https://docs.github.com/en/authentication/managing-commit-signature-verification/about-commit-signature-verification"
echo "- https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits"
echo ''
echo 'Once you have set up commit signatures, you can sign your existing commits:'
echo ''
echo ' git rebase main --exec "git commit --amend --gpg-sign --no-edit"'
echo ''
echo 'Then you will need to force-push your branch once:'
echo ''
echo ' git push --force'
echo ''
exit 1