Expand description
Git-integrated identity, SSH signing, and collaborator verification.
Links agent-relay authentication to Git’s own infrastructure:
- Identity from
git config user.name+user.email - Message signing with SSH keys (same key used for
git push) - Collaborator verification via GitHub API (
ghCLI)
Structs§
- Collaborator
- GitIdentity
- Secure
Relay - A relay with Git identity + SSH signing.
- Signed
Message - A message with an attached SSH signature.
Functions§
- find_
ssh_ key - Find the user’s SSH private key. Checks: git config user.signingkey, then common paths.
- github_
collaborators - Fetch collaborators from a GitHub repo using the
ghCLI. Returns list of (username, email) pairs. - parse_
github_ remote - Extract owner/repo from a git remote URL.
Handles:
git@github.com:owner/repo.git,https://github.com/owner/repo.git - ssh_
sign - Sign a message body using the user’s SSH key.
Uses
ssh-keygen -Y signwhich is the same mechanism asgit commit -S. - ssh_
verify - Verify an SSH signature against the message content.
Requires an
allowed_signersfile listing trusted public keys. - write_
allowed_ signers - Generate an
allowed_signersfile from the collaborators’ public keys. Each line:email namespace public-key