Existing tags being modified on 2026-04-01

Alan DeKok alan.dekok at inkbridge.io
Thu Apr 2 09:42:00 UTC 2026


On Apr 2, 2026, at 5:18 AM, Bjørn Mork via Freeradius-Users <freeradius-users at lists.freeradius.org> wrote:
> Stuff like this worries me with all the supply chain attacks going
> around.  We are still expecting lots of fallout from the Trivy
> compromise.  There's no reason to believe the LiteLLM was the only one.

  Sorry, I should have posted an announcement to the list.

  In order to prevent supply chain attacks, we have been signing all commits to the FreeRADIUS repository.

  I noticed yesterday that the tags weren't signed, so I signed them and did a force push.  This unfortunately has the side effect of making it look like the tag changed.

  In reality, the tag is still pointing to the same commit.  But the tag is now annotated with a PGP signature.  The intention here is to prevent supply chain attacks.

  The default behavior of "git" is to complain about this, even though there is no actual conflict in the tag behavior.

> So my tags match the odd tag names with a '^{}' suffix. The new tags
> seem to all be gpg signed objects referencing the same object as the old
> tag.

  Yes.

> So that looks fine.  Except this sudden appearance of signatures on all
> the old tags, reusing the same names.  That's very messy.

  There is no other way to PGP sign the tags in git, unfortunately.

> Could anyone please confirm that this is intentional and that everything is
> OK with the github repo?

  It's 100% OK.  If you check the signatures, you'll see that they are valid.

> Yes, I can see that the tags are signed by an entity which normally
> would be trusted.. But these days I have to assume that *any* release
> credentials could be compromised.  The only protection left is the
> sanity of local clones.  And tag updates are as unexpected as any other
> object modifications.

  Perhaps.  But the tags are still pointing to the same commit, so there is no semantic change in them.  Any complaints here are really a git usability issue.

  Keeping a local copy ensures that you can detect any modifications to the main FreeRADIUS repository.  PGP signing the commits ensures that the commits come from a known source.

  i.e. if you see commits signed by my PGP key which are malicious, you know that my systems have been compromised.  Without PGP signatures, anyone with commit access can forge commits as anyone else.  This forgery makes it extremely difficult to discover which system was actually compromised.

  Alan DeKok.
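
The checks Bjørn describes above, as an added example that is not code from the FreeRADIUS project or from either author in this thread. The script builds two throwaway repositories (constructed data, not real FreeRADIUS history): "upstream" stands in for the GitHub repository and "clone" for a consumer's local copy taken before the re-tag. It replaces a lightweight tag with a tag object on the same commit, shows the `^{}` peeled entry in `ls-remote`, shows that a plain `git fetch --tags` is refused, and checks that the tag's commit has not moved before accepting the update with `--force`. Two assumptions: git 2.20 or newer (when fetch started refusing tag updates), and no GPG key available, so `git tag -a -f` stands in for the maintainer's `git tag -s -f`; the ref behaviour is the same, and with a real signed tag `git verify-tag` checks the signature.

```shell
#!/bin/sh
# Added example, not code from the FreeRADIUS project or from anyone in this thread.
# Two throwaway repositories are constructed here (no real FreeRADIUS history):
# "upstream" stands in for the GitHub repository, "clone" for a consumer's local
# copy taken before the re-tag. The maintainer's real command was "git tag -s -f"
# (PGP-signed tag object); this script uses "git tag -a -f" so it runs without a
# GPG key. The ref behaviour is identical: either way the tag name now points to a
# tag object, and the peeled ref "v1.0^{}" still resolves to the original commit.
# Assumes git >= 2.20, which is when "git fetch" started refusing tag updates.
set -eu

WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT
export GIT_AUTHOR_NAME=Maintainer GIT_AUTHOR_EMAIL=maintainer@example.invalid
export GIT_COMMITTER_NAME=Maintainer GIT_COMMITTER_EMAIL=maintainer@example.invalid
UPSTREAM=$WORK/upstream
CLONE=$WORK/clone

# The commit a tag ultimately points to, following a tag object if there is one.
peeled_target() { git -C "$1" rev-parse "$2^{}"; }

# "commit" for a lightweight tag, "tag" for an annotated or signed tag object.
tag_object_type() { git -C "$1" cat-file -t "$2"; }

# Tags whose commit on origin differs from the commit the local clone has.
# A tag that was only re-signed is not listed: its peeled target is unchanged.
# ls-remote prints "<sha>\trefs/tags/X" and, for tag objects, "<sha>\trefs/tags/X^{}".
moved_tags() {
    git -C "$1" ls-remote --tags origin | awk -F'\t' '
        substr($2, length($2) - 2) == "^{}" { peeled[substr($2, 1, length($2) - 3)] = $1; next }
                                            { plain[$2] = $1 }
        END { for (r in plain) print r, (r in peeled ? peeled[r] : plain[r]) }' |
    while read -r ref remote_commit; do
        local_commit=$(git -C "$1" rev-parse -q --verify "$ref^{}" || echo none)
        [ "$local_commit" = "$remote_commit" ] || echo "$ref"
    done
}

# A plain fetch refuses to move an existing tag; that refusal is the "complaint"
# the thread is about. Prints "refused" or "accepted".
fetch_tag_update() {
    git -C "$1" fetch --tags origin 2>"$WORK/fetch.err" && status=0 || status=$?
    if grep -q 'would clobber existing tag' "$WORK/fetch.err"; then echo refused
    elif [ "$status" -eq 0 ]; then echo accepted
    else cat "$WORK/fetch.err" >&2; return 1
    fi
}

# Take the updated tags once their targets have been checked.
accept_tag_update() { git -C "$1" fetch -q --force --tags origin; }

# --- Scenario: lightweight tag, consumer clones, tag re-created as a tag object ---
git -c init.defaultBranch=main init -q "$UPSTREAM"
echo 'radiusd' >"$UPSTREAM/README"
git -C "$UPSTREAM" add README
git -C "$UPSTREAM" -c commit.gpgsign=false commit -q -m 'initial commit'
git -C "$UPSTREAM" tag v1.0                              # lightweight: ref -> commit
git clone -q "$UPSTREAM" "$CLONE"
ORIGINAL_COMMIT=$(peeled_target "$UPSTREAM" v1.0)
git -C "$UPSTREAM" -c tag.gpgSign=false tag -a -f -m 'v1.0' v1.0   # real world: tag -s -f

# --- What the consumer sees --------------------------------------------------
UPSTREAM_TYPE=$(tag_object_type "$UPSTREAM" v1.0)        # tag
CLONE_TYPE_BEFORE=$(tag_object_type "$CLONE" v1.0)       # commit
PEELED_LINES=$(git -C "$CLONE" ls-remote --tags origin | grep -c '\^{}')   # 1: the v1.0^{} line
UNCHANGED=$(moved_tags "$CLONE")                         # empty: same commit as before
FETCH_RESULT=$(fetch_tag_update "$CLONE")                # refused: git complains anyway
accept_tag_update "$CLONE"
CLONE_COMMIT_AFTER=$(peeled_target "$CLONE" v1.0)        # == ORIGINAL_COMMIT
# With a real signed tag, also run: git -C "$CLONE" verify-tag v1.0

# --- Contrast: a tag that really moves to another commit is reported -----------
echo 'changed' >>"$UPSTREAM/README"
git -C "$UPSTREAM" add README
git -C "$UPSTREAM" -c commit.gpgsign=false commit -q -m 'second commit'
git -C "$UPSTREAM" tag -f v1.0
MOVED=$(moved_tags "$CLONE")                             # refs/tags/v1.0

echo "upstream:$UPSTREAM_TYPE clone-before:$CLONE_TYPE_BEFORE fetch:$FETCH_RESULT"
echo "unchanged-list:[$UNCHANGED] after-accept:$CLONE_COMMIT_AFTER moved-list:[$MOVED]"
```

The useful distinction is between `moved_tags` and the fetch refusal: git refuses both a harmless re-sign and a real tag move, so the refusal alone tells a consumer nothing. Comparing the peeled commit (`tag^{}`) of the remote tag against the local clone separates the two cases, and only the second kind deserves alarm; the `--force` fetch is run only after that comparison comes back empty.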
