GitSignatureCheckTest::tagDataProvider() - Code Metrics - Inspection of "Merge branch 'feature/git-package-verification'" - Roave/composer-gpg-verify - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( da1a6c...6bb072 )

by Marco

created 2017-05-18 21:41 UTC

GitSignatureCheckTest::tagDataProvider() B

↳ Parent: GitSignatureCheckTest

Complexity

Conditions	1
Paths	1

Size

Total Lines	146
Code Lines	56

Duplication

Lines	146
Ratio	100 %

Importance

Changes

Metric	Value
dl	146
loc	146
rs	8.2857
c	0
b	0
f	0
cc	1
eloc	56
nc	1
nop	0

How to fix Long Method

<?php

declare(strict_types=1);

namespace RoaveTest\ComposerGpgVerify\Package\Git;

use Composer\Package\PackageInterface;
use PHPUnit\Framework\TestCase;
use Roave\ComposerGpgVerify\Package\Git\GitSignatureCheck;

/**
 * @covers \Roave\ComposerGpgVerify\Package\Git\GitSignatureCheck
 */
final class GitSignatureCheckTest extends TestCase
{
    /**
     * @dataProvider commitDataProvider
     */
    public function testFromGitCommitCheck(

        PackageInterface $package,
        string $command,
        int $exitCode,
        string $commandOutput,
        bool $expectedTrust,
        string $expectedHumanReadableStringFormat
    ) : void {
        $check = GitSignatureCheck::fromGitCommitCheck($package, $command, $exitCode, $commandOutput);

        self::assertSame($expectedTrust, $check->canBeTrusted());
        self::assertStringMatchesFormat($expectedHumanReadableStringFormat, $check->asHumanReadableString());
    }

    public function commitDataProvider() : array

    {
        $packageName = uniqid('packageName', true);
        $package = $this->createMock(PackageInterface::class);

        $package->expects(self::any())->method('getName')->willReturn($packageName);

        return [
            'empty' => [
                $package,
                '',
                0,
                '',
                false,
                <<<'READABLE'
[NOT SIGNED] [NOT VERIFIED]    
Command: 
Exit code: 0
Output: 
READABLE
            ],
            'not signed' => [
                $package,
                'git verify-commit --verbose HEAD',
                1,
                '',
                false,
                <<<'READABLE'
[NOT SIGNED] [NOT VERIFIED]    
Command: git verify-commit --verbose HEAD
Exit code: 1
Output: 
READABLE
            ],
            'signed, no key' => [
                $package,
                'git verify-commit --verbose HEAD',
                1,
                <<<'OUTPUT'
tree 4b825dc642cb6eb9a060e54bf8d69288fbee4904
author Mr. Magoo <[email protected]> 1495040303 +0200
committer Mr. Magoo <[email protected]> 1495040303 +0200

signed commit
gpg: Signature made Mi 17 Mai 2017 18:58:23 CEST
gpg:                using RSA key ECFE352F73409A6E
gpg: Can't check signature: No public key
OUTPUT
                ,
                false,
                <<<'READABLE'
[SIGNED] [NOT VERIFIED] Commit #4b825dc642cb6eb9a060e54bf8d69288fbee4904   (Key ECFE352F73409A6E)
Command: git verify-commit --verbose HEAD
Exit code: 1
Output: tree 4b825dc642cb6eb9a060e54bf8d69288fbee4904
author Mr. Magoo <[email protected]> 1495040303 +0200
committer Mr. Magoo <[email protected]> 1495040303 +0200

signed commit
gpg: Signature made Mi 17 Mai 2017 18:58:23 CEST
gpg:                using RSA key ECFE352F73409A6E
gpg: Can't check signature: No public key
READABLE
            ],
            'signed, key not trusted' => [
                $package,
                'git verify-commit --verbose HEAD',
                0,
                <<<'OUTPUT'
tree 4b825dc642cb6eb9a060e54bf8d69288fbee4904
author Mr. Magoo <[email protected]> 1495041438 +0200
committer Mr. Magoo <[email protected]> 1495041438 +0200

signed commit
gpg: Signature made Mi 17 Mai 2017 19:17:18 CEST
gpg:                using RSA key 3CD2E574BC4207C7
gpg: Good signature from "Mr. Magoo <[email protected]>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: AA0E 63DC BC06 F864 F53E  F630 3CD2 E574 BC42 07C7
OUTPUT
                ,
                false,
                <<<'READABLE'
[SIGNED] [NOT VERIFIED] Commit #4b825dc642cb6eb9a060e54bf8d69288fbee4904  By "Mr. Magoo <[email protected]>" (Key 3CD2E574BC4207C7)
Command: git verify-commit --verbose HEAD
Exit code: 0
Output: tree 4b825dc642cb6eb9a060e54bf8d69288fbee4904
author Mr. Magoo <[email protected]> 1495041438 +0200
committer Mr. Magoo <[email protected]> 1495041438 +0200

signed commit
gpg: Signature made Mi 17 Mai 2017 19:17:18 CEST
gpg:                using RSA key 3CD2E574BC4207C7
gpg: Good signature from "Mr. Magoo <[email protected]>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: AA0E 63DC BC06 F864 F53E  F630 3CD2 E574 BC42 07C7
READABLE
            ],
            [
                $package,
                'git verify-commit --verbose HEAD',
                0,
                <<<'OUTPUT'
tree 4b825dc642cb6eb9a060e54bf8d69288fbee4904
author Mr. Magoo <[email protected]> 1495041602 +0200
committer Mr. Magoo <[email protected]> 1495041602 +0200

signed commit
gpg: Signature made Mi 17 Mai 2017 19:20:02 CEST
gpg:                using RSA key 4889C20D148231DC
gpg: Good signature from "Mr. Magoo <[email protected]>" [full]
OUTPUT
                ,
                true,
                <<<'READABLE'
[SIGNED] [VERIFIED] Commit #4b825dc642cb6eb9a060e54bf8d69288fbee4904  By "Mr. Magoo <[email protected]>" (Key 4889C20D148231DC)
Command: git verify-commit --verbose HEAD
Exit code: 0
Output: tree 4b825dc642cb6eb9a060e54bf8d69288fbee4904
author Mr. Magoo <[email protected]> 1495041602 +0200
committer Mr. Magoo <[email protected]> 1495041602 +0200

signed commit
gpg: Signature made Mi 17 Mai 2017 19:20:02 CEST
gpg:                using RSA key 4889C20D148231DC
gpg: Good signature from "Mr. Magoo <[email protected]>" [full]
READABLE
            ],
        ];
    }

    /**
     * @dataProvider tagDataProvider
     */
    public function testFromGitTagCheck(

        PackageInterface $package,
        string $command,
        int $exitCode,
        string $commandOutput,
        bool $expectedTrust,
        string $expectedHumanReadableStringFormat
    ) : void {
        $check = GitSignatureCheck::fromGitTagCheck($package, $command, $exitCode, $commandOutput);

        self::assertSame($expectedTrust, $check->canBeTrusted());
        self::assertStringMatchesFormat($expectedHumanReadableStringFormat, $check->asHumanReadableString());
    }

    public function tagDataProvider() : array

    {
        $packageName = uniqid('packageName', true);
        $package = $this->createMock(PackageInterface::class);

        $package->expects(self::any())->method('getName')->willReturn($packageName);

        return [
            'empty' => [
                $package,
                '',
                0,
                '',
                false,
                <<<'READABLE'
[NOT SIGNED] [NOT VERIFIED]    
Command: 
Exit code: 0
Output: 
READABLE
            ],
            'failed verification - no signed tag' => [
                $package,
                'git tag -v --verbose unsigned-tag',
                1,
                '',
                false,
                <<<'READABLE'
[NOT SIGNED] [NOT VERIFIED]    
Command: git tag -v --verbose unsigned-tag
Exit code: 1
Output: 
READABLE
            ],
            'failed verification - signed tag, unknown key' => [
                $package,
                'git tag -v tag-name',
                1,
                <<<'OUTPUT'
object bf2fabeabe00f14f0ce0090adc7a2b9b770edbe3
type commit
tag tag-name
tagger Mr. Magoo <[email protected]> 1495094925 +0200

signed tag
gpg: keybox '/tmp/gpg-verification-test591d568c5d0947.51554486//pubring.kbx' created
gpg: Signature made Do 18 Mai 2017 10:08:45 CEST
gpg:                using RSA key 4B95C0CE4DE340CC
gpg: Can't check signature: No public key
OUTPUT
                ,
                false,
                <<<'READABLE'
[SIGNED] [NOT VERIFIED] Commit #bf2fabeabe00f14f0ce0090adc7a2b9b770edbe3 Tag tag-name  (Key 4B95C0CE4DE340CC)
Command: git tag -v tag-name
Exit code: 1
Output: object bf2fabeabe00f14f0ce0090adc7a2b9b770edbe3
type commit
tag tag-name
tagger Mr. Magoo <[email protected]> 1495094925 +0200

signed tag
gpg: keybox '/tmp/gpg-verification-test591d568c5d0947.51554486//pubring.kbx' created
gpg: Signature made Do 18 Mai 2017 10:08:45 CEST
gpg:                using RSA key 4B95C0CE4DE340CC
gpg: Can't check signature: No public key
READABLE
            ],
            'failed verification - signed tag, untrusted key' => [
                $package,
                'git tag -v tag-name',
                0,
                <<<'OUTPUT'
object be3b7a6f0ee4d90a72e1e1a19f89d8eeef746200
type commit
tag tag-name
tagger Mr. Magoo <[email protected]> 1495095245 +0200

signed tag
gpg: Signature made Do 18 Mai 2017 10:14:05 CEST
gpg:                using RSA key 865E20A60B500B00
gpg: checking the trustdb
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: Good signature from "Mr. Magoo <[email protected]>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: D8BE 3E96 4271 2378 9551  AF87 865E 20A6 0B50 0B00
OUTPUT
                ,
                false,
                <<<'READABLE'
[SIGNED] [NOT VERIFIED] Commit #be3b7a6f0ee4d90a72e1e1a19f89d8eeef746200 Tag tag-name By "Mr. Magoo <[email protected]>" (Key 865E20A60B500B00)
Command: git tag -v tag-name
Exit code: 0
Output: object be3b7a6f0ee4d90a72e1e1a19f89d8eeef746200
type commit
tag tag-name
tagger Mr. Magoo <[email protected]> 1495095245 +0200

signed tag
gpg: Signature made Do 18 Mai 2017 10:14:05 CEST
gpg:                using RSA key 865E20A60B500B00
gpg: checking the trustdb
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: Good signature from "Mr. Magoo <[email protected]>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: D8BE 3E96 4271 2378 9551  AF87 865E 20A6 0B50 0B00
READABLE
            ],
            'successful verification' => [
                $package,
                'git tag -v tag-name',
                0,
                <<<'OUTPUT'
object 99498872c90de4d40b2fcafad7bd1bb2cbd0433a
type commit
tag tag-name
tagger Mr. Magoo <[email protected]> 1495095451 +0200

signed tag
gpg: Signature made Do 18 Mai 2017 10:17:31 CEST
gpg:                using RSA key E9AE0662BC840E1F
gpg: Good signature from "Mr. Magoo <[email protected]>" [full]
OUTPUT
                ,
                true,
                <<<'READABLE'
[SIGNED] [VERIFIED] Commit #99498872c90de4d40b2fcafad7bd1bb2cbd0433a Tag tag-name By "Mr. Magoo <[email protected]>" (Key E9AE0662BC840E1F)
Command: git tag -v tag-name
Exit code: 0
Output: object 99498872c90de4d40b2fcafad7bd1bb2cbd0433a
type commit
tag tag-name
tagger Mr. Magoo <[email protected]> 1495095451 +0200

signed tag
gpg: Signature made Do 18 Mai 2017 10:17:31 CEST
gpg:                using RSA key E9AE0662BC840E1F
gpg: Good signature from "Mr. Magoo <[email protected]>" [full]
READABLE
            ],
        ];
    }
}


1		<?php
2
3		declare(strict_types=1);
4
5		namespace RoaveTest\ComposerGpgVerify\Package\Git;
6
7		use Composer\Package\PackageInterface;
8		use PHPUnit\Framework\TestCase;
9		use Roave\ComposerGpgVerify\Package\Git\GitSignatureCheck;
10
11		/**
12		* @covers \Roave\ComposerGpgVerify\Package\Git\GitSignatureCheck
13		*/
14		final class GitSignatureCheckTest extends TestCase
15		{
16		/**
17		* @dataProvider commitDataProvider
18		*/
19	View Code Duplication	public function testFromGitCommitCheck(
		0 ignored issues – show Duplication introduced 2017-05-18 12:58 UTC by Report Bug Copy Issue Report This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
20		PackageInterface $package,
21		string $command,
22		int $exitCode,
23		string $commandOutput,
24		bool $expectedTrust,
25		string $expectedHumanReadableStringFormat
26		) : void {
27		$check = GitSignatureCheck::fromGitCommitCheck($package, $command, $exitCode, $commandOutput);
28
29		self::assertSame($expectedTrust, $check->canBeTrusted());
30		self::assertStringMatchesFormat($expectedHumanReadableStringFormat, $check->asHumanReadableString());
31		}
32
33	View Code Duplication	public function commitDataProvider() : array
		0 ignored issues – show Duplication introduced 2017-05-18 12:58 UTC by Report Bug Copy Issue Report This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
34		{
35		$packageName = uniqid('packageName', true);
36		$package = $this->createMock(PackageInterface::class);
37
38		$package->expects(self::any())->method('getName')->willReturn($packageName);
39
40		return [
41		'empty' => [
42		$package,
43		'',
44		0,
45		'',
46		false,
47		<<<'READABLE'
48		[NOT SIGNED] [NOT VERIFIED]
49		Command:
50		Exit code: 0
51		Output:
52		READABLE
53		],
54		'not signed' => [
55		$package,
56		'git verify-commit --verbose HEAD',
57		1,
58		'',
59		false,
60		<<<'READABLE'
61		[NOT SIGNED] [NOT VERIFIED]
62		Command: git verify-commit --verbose HEAD
63		Exit code: 1
64		Output:
65		READABLE
66		],
67		'signed, no key' => [
68		$package,
69		'git verify-commit --verbose HEAD',
70		1,
71		<<<'OUTPUT'
72		tree 4b825dc642cb6eb9a060e54bf8d69288fbee4904
73		author Mr. Magoo <[email protected]> 1495040303 +0200
74		committer Mr. Magoo <[email protected]> 1495040303 +0200
75
76		signed commit
77		gpg: Signature made Mi 17 Mai 2017 18:58:23 CEST
78		gpg: using RSA key ECFE352F73409A6E
79		gpg: Can't check signature: No public key
80		OUTPUT
81		,
82		false,
83		<<<'READABLE'
84		[SIGNED] [NOT VERIFIED] Commit #4b825dc642cb6eb9a060e54bf8d69288fbee4904 (Key ECFE352F73409A6E)
85		Command: git verify-commit --verbose HEAD
86		Exit code: 1
87		Output: tree 4b825dc642cb6eb9a060e54bf8d69288fbee4904
88		author Mr. Magoo <[email protected]> 1495040303 +0200
89		committer Mr. Magoo <[email protected]> 1495040303 +0200
90
91		signed commit
92		gpg: Signature made Mi 17 Mai 2017 18:58:23 CEST
93		gpg: using RSA key ECFE352F73409A6E
94		gpg: Can't check signature: No public key
95		READABLE
96		],
97		'signed, key not trusted' => [
98		$package,
99		'git verify-commit --verbose HEAD',
100		0,
101		<<<'OUTPUT'
102		tree 4b825dc642cb6eb9a060e54bf8d69288fbee4904
103		author Mr. Magoo <[email protected]> 1495041438 +0200
104		committer Mr. Magoo <[email protected]> 1495041438 +0200
105
106		signed commit
107		gpg: Signature made Mi 17 Mai 2017 19:17:18 CEST
108		gpg: using RSA key 3CD2E574BC4207C7
109		gpg: Good signature from "Mr. Magoo <[email protected]>" [unknown]
110		gpg: WARNING: This key is not certified with a trusted signature!
111		gpg: There is no indication that the signature belongs to the owner.
112		Primary key fingerprint: AA0E 63DC BC06 F864 F53E F630 3CD2 E574 BC42 07C7
113		OUTPUT
114		,
115		false,
116		<<<'READABLE'
117		[SIGNED] [NOT VERIFIED] Commit #4b825dc642cb6eb9a060e54bf8d69288fbee4904 By "Mr. Magoo <[email protected]>" (Key 3CD2E574BC4207C7)
118		Command: git verify-commit --verbose HEAD
119		Exit code: 0
120		Output: tree 4b825dc642cb6eb9a060e54bf8d69288fbee4904
121		author Mr. Magoo <[email protected]> 1495041438 +0200
122		committer Mr. Magoo <[email protected]> 1495041438 +0200
123
124		signed commit
125		gpg: Signature made Mi 17 Mai 2017 19:17:18 CEST
126		gpg: using RSA key 3CD2E574BC4207C7
127		gpg: Good signature from "Mr. Magoo <[email protected]>" [unknown]
128		gpg: WARNING: This key is not certified with a trusted signature!
129		gpg: There is no indication that the signature belongs to the owner.
130		Primary key fingerprint: AA0E 63DC BC06 F864 F53E F630 3CD2 E574 BC42 07C7
131		READABLE
132		],
133		[
134		$package,
135		'git verify-commit --verbose HEAD',
136		0,
137		<<<'OUTPUT'
138		tree 4b825dc642cb6eb9a060e54bf8d69288fbee4904
139		author Mr. Magoo <[email protected]> 1495041602 +0200
140		committer Mr. Magoo <[email protected]> 1495041602 +0200
141
142		signed commit
143		gpg: Signature made Mi 17 Mai 2017 19:20:02 CEST
144		gpg: using RSA key 4889C20D148231DC
145		gpg: Good signature from "Mr. Magoo <[email protected]>" [full]
146		OUTPUT
147		,
148		true,
149		<<<'READABLE'
150		[SIGNED] [VERIFIED] Commit #4b825dc642cb6eb9a060e54bf8d69288fbee4904 By "Mr. Magoo <[email protected]>" (Key 4889C20D148231DC)
151		Command: git verify-commit --verbose HEAD
152		Exit code: 0
153		Output: tree 4b825dc642cb6eb9a060e54bf8d69288fbee4904
154		author Mr. Magoo <[email protected]> 1495041602 +0200
155		committer Mr. Magoo <[email protected]> 1495041602 +0200
156
157		signed commit
158		gpg: Signature made Mi 17 Mai 2017 19:20:02 CEST
159		gpg: using RSA key 4889C20D148231DC
160		gpg: Good signature from "Mr. Magoo <[email protected]>" [full]
161		READABLE
162		],
163		];
164		}
165
166		/**
167		* @dataProvider tagDataProvider
168		*/
169	View Code Duplication	public function testFromGitTagCheck(
		0 ignored issues – show Duplication introduced 2017-05-18 12:58 UTC by Report Bug Copy Issue Report This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
170		PackageInterface $package,
171		string $command,
172		int $exitCode,
173		string $commandOutput,
174		bool $expectedTrust,
175		string $expectedHumanReadableStringFormat
176		) : void {
177		$check = GitSignatureCheck::fromGitTagCheck($package, $command, $exitCode, $commandOutput);
178
179		self::assertSame($expectedTrust, $check->canBeTrusted());
180		self::assertStringMatchesFormat($expectedHumanReadableStringFormat, $check->asHumanReadableString());
181		}
182
183	View Code Duplication	public function tagDataProvider() : array
		0 ignored issues – show Duplication introduced 2017-05-18 12:58 UTC by Report Bug Copy Issue Report This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
184		{
185		$packageName = uniqid('packageName', true);
186		$package = $this->createMock(PackageInterface::class);
187
188		$package->expects(self::any())->method('getName')->willReturn($packageName);
189
190		return [
191		'empty' => [
192		$package,
193		'',
194		0,
195		'',
196		false,
197		<<<'READABLE'
198		[NOT SIGNED] [NOT VERIFIED]
199		Command:
200		Exit code: 0
201		Output:
202		READABLE
203		],
204		'failed verification - no signed tag' => [
205		$package,
206		'git tag -v --verbose unsigned-tag',
207		1,
208		'',
209		false,
210		<<<'READABLE'
211		[NOT SIGNED] [NOT VERIFIED]
212		Command: git tag -v --verbose unsigned-tag
213		Exit code: 1
214		Output:
215		READABLE
216		],
217		'failed verification - signed tag, unknown key' => [
218		$package,
219		'git tag -v tag-name',
220		1,
221		<<<'OUTPUT'
222		object bf2fabeabe00f14f0ce0090adc7a2b9b770edbe3
223		type commit
224		tag tag-name
225		tagger Mr. Magoo <[email protected]> 1495094925 +0200
226
227		signed tag
228		gpg: keybox '/tmp/gpg-verification-test591d568c5d0947.51554486//pubring.kbx' created
229		gpg: Signature made Do 18 Mai 2017 10:08:45 CEST
230		gpg: using RSA key 4B95C0CE4DE340CC
231		gpg: Can't check signature: No public key
232		OUTPUT
233		,
234		false,
235		<<<'READABLE'
236		[SIGNED] [NOT VERIFIED] Commit #bf2fabeabe00f14f0ce0090adc7a2b9b770edbe3 Tag tag-name (Key 4B95C0CE4DE340CC)
237		Command: git tag -v tag-name
238		Exit code: 1
239		Output: object bf2fabeabe00f14f0ce0090adc7a2b9b770edbe3
240		type commit
241		tag tag-name
242		tagger Mr. Magoo <[email protected]> 1495094925 +0200
243
244		signed tag
245		gpg: keybox '/tmp/gpg-verification-test591d568c5d0947.51554486//pubring.kbx' created
246		gpg: Signature made Do 18 Mai 2017 10:08:45 CEST
247		gpg: using RSA key 4B95C0CE4DE340CC
248		gpg: Can't check signature: No public key
249		READABLE
250		],
251		'failed verification - signed tag, untrusted key' => [
252		$package,
253		'git tag -v tag-name',
254		0,
255		<<<'OUTPUT'
256		object be3b7a6f0ee4d90a72e1e1a19f89d8eeef746200
257		type commit
258		tag tag-name
259		tagger Mr. Magoo <[email protected]> 1495095245 +0200
260
261		signed tag
262		gpg: Signature made Do 18 Mai 2017 10:14:05 CEST
263		gpg: using RSA key 865E20A60B500B00
264		gpg: checking the trustdb
265		gpg: marginals needed: 3 completes needed: 1 trust model: pgp
266		gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
267		gpg: Good signature from "Mr. Magoo <[email protected]>" [unknown]
268		gpg: WARNING: This key is not certified with a trusted signature!
269		gpg: There is no indication that the signature belongs to the owner.
270		Primary key fingerprint: D8BE 3E96 4271 2378 9551 AF87 865E 20A6 0B50 0B00
271		OUTPUT
272		,
273		false,
274		<<<'READABLE'
275		[SIGNED] [NOT VERIFIED] Commit #be3b7a6f0ee4d90a72e1e1a19f89d8eeef746200 Tag tag-name By "Mr. Magoo <[email protected]>" (Key 865E20A60B500B00)
276		Command: git tag -v tag-name
277		Exit code: 0
278		Output: object be3b7a6f0ee4d90a72e1e1a19f89d8eeef746200
279		type commit
280		tag tag-name
281		tagger Mr. Magoo <[email protected]> 1495095245 +0200
282
283		signed tag
284		gpg: Signature made Do 18 Mai 2017 10:14:05 CEST
285		gpg: using RSA key 865E20A60B500B00
286		gpg: checking the trustdb
287		gpg: marginals needed: 3 completes needed: 1 trust model: pgp
288		gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
289		gpg: Good signature from "Mr. Magoo <[email protected]>" [unknown]
290		gpg: WARNING: This key is not certified with a trusted signature!
291		gpg: There is no indication that the signature belongs to the owner.
292		Primary key fingerprint: D8BE 3E96 4271 2378 9551 AF87 865E 20A6 0B50 0B00
293		READABLE
294		],
295		'successful verification' => [
296		$package,
297		'git tag -v tag-name',
298		0,
299		<<<'OUTPUT'
300		object 99498872c90de4d40b2fcafad7bd1bb2cbd0433a
301		type commit
302		tag tag-name
303		tagger Mr. Magoo <[email protected]> 1495095451 +0200
304
305		signed tag
306		gpg: Signature made Do 18 Mai 2017 10:17:31 CEST
307		gpg: using RSA key E9AE0662BC840E1F
308		gpg: Good signature from "Mr. Magoo <[email protected]>" [full]
309		OUTPUT
310		,
311		true,
312		<<<'READABLE'
313		[SIGNED] [VERIFIED] Commit #99498872c90de4d40b2fcafad7bd1bb2cbd0433a Tag tag-name By "Mr. Magoo <[email protected]>" (Key E9AE0662BC840E1F)
314		Command: git tag -v tag-name
315		Exit code: 0
316		Output: object 99498872c90de4d40b2fcafad7bd1bb2cbd0433a
317		type commit
318		tag tag-name
319		tagger Mr. Magoo <[email protected]> 1495095451 +0200
320
321		signed tag
322		gpg: Signature made Do 18 Mai 2017 10:17:31 CEST
323		gpg: using RSA key E9AE0662BC840E1F
324		gpg: Good signature from "Mr. Magoo <[email protected]>" [full]
325		READABLE
326		],
327		];
328		}
329		}
330

Roave / composer-gpg-verify

Push — master ( da1a6c...6bb072 )

GitSignatureCheckTest::tagDataProvider() B

Complexity

Size

Duplication

Importance

How to fix Long Method

Long Method

Duplication Side-by-Side

Filter issues like