Category: Workflow

GPG & Git

Back in April, Github added support for a long-standing git feature — commit signing. Technically you’ve been able sign commits with -S since git 1.7.9, but there was no UI for it on Github. This update led folks to start automatically signing all commits, but that’s not necessary.

The git tree is a directed acyclic graph — meaning every commit references its parent — and hashed with SHA-1. In practice, this means it’s impossible to change the history of a git repo without rewriting all succeeding commits. Said another way, if you trust the SHA-1 hash of the head of the tree, you can implicitly trust the entire tree.

What does this have to do with signed commits? Well, when you sign a commit, you’re also signing all previous commits. This is one of the reasons that git originally only allowed tags to be signed:

Signing each commit is totally stupid. It just means that you automate it, and you make the signature worth less. It also doesn’t add any real value, since the way the git DAG-chain of SHA1’s work, you only ever need _one_ signature to make all the commits reachable from that one be effectively covered by that one.

You can automatically sign all tags by adding the following to your .gitconfig file:

gpgsign = true

If you don’t tag releases, another good place to sign commits is at the end of a pull request. After a long chain, one signed commit effectively signs the entire branch. You can even add an empty, signed commit with:

git commit --gpg-sign --allow-empty

This way, there’s no need to enter a GPG passphrase for each commit, but only when you need it.

Vim Tips to Make Yourself Faster

I use Vim because it’s faster for me than other text editors. Sure, you could use vim-mode for Atom or one of the various packages for Sublime, but they all have shortcomings — and Vim works everywhere. Here are five things I do to make Vim faster for me.

Relative Line Numbers

Most people know that you can use numbers with Vim commands to make a change multiple times, across multiple lines, or multiple characters. That’s not super useful if you have to stop to count the number of lines in a block of code before deleting it, for example. I use relative line numbers in Vim. The current line is always 0. I can instantly see that a block of code is 14 lines long and d14d to delete it.

Relative line numbers in Vim

Use . to repeat the last command

This one is pretty self explanatory. Any command can be repeated with .. If you delete a line with dd and realize that you also want to delete a few more lines, pressing . three times will delete the next three lines. It may seem like a small thing, but that’s half as many keystrokes.

Use = to format code

Often, when you copy and paste code from somewhere else, it won’t be formatted properly. The = command can help here. You can either do something like gg=G to format the entire document or highlight the block of code that needs to be formatted (in visual mode) and press = to format just that block.

Make shifts keep selection

When you highlight a block of code for the purpose of indenting it, the selection is lost when you do the first shift. Often times, you need to shift it more than one position though. The following snippet keeps the current selection in visual mode after you perform a shift.

Search to find what you’re looking for

I think one of the reasons I’m slower in other text editors is that I use the mouse to browse for specific code instead of using the search function. Start searching with /. After you enter the search and press return, you can jump the next and previous matches with n and N respectively.

Sublime Text 3 Packages

Since I recently switched from VIM back to Sublime Text 3, I thought I’d share some of the packages that I’m using.

While Sublime Text 3 is still in beta, it seems to be stable enough to use. That being said, many of the packages have limited or no support for Python 3 at this point, which is necessary for ST3. Some of the more popular packages have branches on GitHub dedicated to Sublime Text 3 support. You can install those packages through Package Control by first adding the URL associated with that branch as a repository. For example, ““.

First, since I came from VIM, I thought it would be nice to use Vintage. I’ve used Vintage in the past and haven’t necessarily loved it though. Luckily, while I was searching for other packages that have Sublime Text 3 support, I stumbled upon Vintageous which has been excellent so far. At this point it’s kind of the reason that I don’t want to go back to Sublime Text 2.

Package Control

I was very happy to find that Package Control works in ST3. There are special installation instructions that involve manually cloning the repository, but nothing too complicated. After the initial install process, everything seems to work like normal.


Since the theme and color definitions aren’t dependent on a particular version of Python, the old themes and color schemes should still work. As always, I’m using the Soda theme with the Tomorrow Night color scheme. For now, I’m using the Tomorrow Night Eighties variant because it’s so hipster. 😉


Like the themes, language definitions aren’t dependent on a particular version of Python. The additional language definitions I’ve installed are CoffeeScript and Sass.


Lastly, I’m using a few other utility packages that just make life easier.

  • GitGutter: I used something similar to this in VIM and I couldn’t imagine life without it. Basically, it tells you what changes have been made to the current file since the last commit.
  • Alignment: The standard version of this one doesn’t work, so you’ll have to find a working fork. I’m using and it works so far. This one lines up stuff in your code. I primarily use it on long lists of variable definitions or similar blocks so that all the equals symbols line up, making the code easier to read.
  • Fetch: Another package that needs the correct branch to be manually added to package control at this point. is what I’m using. Since it’s made by Nettuts, I’ll let them explain in their article, Introducing Nettuts+ Fetch.
  • SublimeLinter: While SublimeLinter theoretically works with ST3, I haven’t been able to use it so far. Even though I normally don’t have an issue missing semicolons and such, it’s nice to have a linter watching your code so you don’t waste time tracking down bugs based on syntax errors.

P2 Theme

After trying to sort out the best way to facilitate asynchronous communication for a group project, I was reminded of P2. This talk by Pete Davies at WordCamp SF this past year tells a very compelling story about why you should use P2 on your project. You can use it for free on or download it to run on hosted WordPress. It took all of a few minutes to sign up for a free site and switch to the P2 theme. After that it was all work.

Secure Shared Files with Hazel

Occasionally I need to send sensitive files to someone on the internet. I took a tip I once heard from Merlin Mann and built a script to automate this as much as possible. It requires Hazel and a cloud sharing service that syncs to your Mac. I’m using Dropbox.

The basic idea is to use Dropbox as a place to share files safely and automate the process with Hazel. We’re going to rely on long, obscure filenames along with randomly generated passwords and short availability windows to protoct our files. We can automate all of this through a couple Hazel commands and an Applescript.

The Hazel commands are set up as follows. The first one looks for any file or folder older than 7 days that is a zip archive and deletes it. This enforces our short availability window. You could make the window anything you like. The second command looks for anything that’s not a zip archive and runs the following Applescript on it.

We generate a random password with openssl rand -base64 32 — this means we’ll get 32 random base64 characters. We also create a SHA1 hash of the file to append to the filename. After that, just zip the file with the random password and put the password on the clipboard. You can do more, like generating a notification when the script is done. I have a TextExander snippet that lets you fill in the filename and grabs the password off the clipboard.

Ideally, you wouldn’t send the password along with the link to document. Try to use two different methods to notify someone where the file is located and what the password is — even if it’s just two different email accounts on a separate server.

For now this won’t work with directories because the SHA1 hash of a directory is blank. An easy way to fix that would be to zip the directory first and then get the hash and rename the zip file.