gpg signing extension for hg the principle is almost the same as how tags work: .hgsigs stores signatures, localsigs stores local signatures the format of the signatures is: nodeid sigversion base64_detached_sig sigversion 0 signs simply the nodeid (maybe we would like to sign other things in the future). you can associate fingerprints with roles in hgrc like: [gpg] fingerprint_of_a_key_without_spaces = release fingerprint_of_a_key_without_spaces = contributor, testing the key used for signing can be specified on the command line or via hgrc (key =) thanks to Eric Hopper for testing and bugfixing

#!/bin/sh

mkdir a
cd a
hg init
echo foo > b
hg add b
hg ci -m "b" -d "0 0"

chmod -w .hg

cd ..

hg clone a b
cd b
hg verify

cd ..

chmod +w a/.hg # let test clean up