diff --git a/VERSION b/VERSION index 6d7de6e..21e8796 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -1.0.2 +1.0.3 diff --git a/brewfiles/Brewfile.dev b/brewfiles/Brewfile.dev index 65d407a..a1c601f 100644 --- a/brewfiles/Brewfile.dev +++ b/brewfiles/Brewfile.dev @@ -6,6 +6,9 @@ brew "mise" # Modern asdf replacement (10x faster) # JavaScript / Node brew "bun" # Bun runtime (also managed via mise) +# GPG +brew "pinentry-mac" # macOS-native GPG passphrase dialog + # Build tools brew "watchman" # File watching (React Native, Jest) diff --git a/dotfiles/zshrc b/dotfiles/zshrc index 1b44602..4df3f6c 100644 --- a/dotfiles/zshrc +++ b/dotfiles/zshrc @@ -31,6 +31,9 @@ if /usr/libexec/java_home &>/dev/null; then export JAVA_HOME=$(/usr/libexec/java_home) fi +# ─── GPG ──────────────────────────────────────────────────────────────────── +export GPG_TTY=$(tty) + # ─── Locale ────────────────────────────────────────────────────────────────── export LANG="en_US.UTF-8" export LC_ALL="en_US.UTF-8" diff --git a/modules/06-git.sh b/modules/06-git.sh index a202785..841d031 100755 --- a/modules/06-git.sh +++ b/modules/06-git.sh @@ -33,6 +33,19 @@ GPG_KEY_ID=$(gpg --list-secret-keys --keyid-format SHORT 2>/dev/null | \ if [ -n "$GPG_KEY_ID" ]; then git config --global user.signingkey "$GPG_KEY_ID" git config --global commit.gpgsign true + git config --global gpg.program "$(which gpg)" + + # Configure pinentry-mac for passphrase entry if available + PINENTRY_MAC="${BREW_PREFIX}/bin/pinentry-mac" + if [ -f "$PINENTRY_MAC" ]; then + GPG_AGENT_CONF="$HOME/.gnupg/gpg-agent.conf" + if ! grep -q "pinentry-program.*pinentry-mac" "$GPG_AGENT_CONF" 2>/dev/null; then + echo "pinentry-program ${PINENTRY_MAC}" >> "$GPG_AGENT_CONF" + gpgconf --kill gpg-agent 2>/dev/null + mbp_log_ok "pinentry-mac configured for GPG agent" + fi + fi + mbp_log_ok "GPG signing enabled: $GPG_KEY_ID" else mbp_log_warn "No GPG key found — run 'mbp setup --module secrets' to enable commit signing"