GPG signing for static site markdown content
Project description
sigmark
GPG signing for static site markdown content.
Sign Hugo/static-site markdown files with GPG, embedding ASCII-armored signatures directly in YAML front matter. Verify authenticity, strip signatures, or check signing status across your content directory.
Install
pip install sigmark
Requires GPG (gpg) to be installed and available on your PATH.
Usage
# Sign all markdown files in a directory
sigmark sign --key you@example.com content/
# Sign a single file
sigmark sign --key you@example.com content/post/hello/index.md
# Verify signatures
sigmark verify content/
# Check signing status
sigmark status content/
# Remove signatures
sigmark strip content/
How It Works
Sigmark signs only the body of each markdown file (everything below the closing --- front-matter delimiter). The GPG signature is stored as a signature field in the YAML front matter:
---
title: Hello World
date: 2026-01-01
signature: |
-----BEGIN PGP SIGNATURE-----
iQEzBAABCAAdFiEE...
-----END PGP SIGNATURE-----
---
Your post body here.
This means front-matter changes (tags, categories, draft status) don't invalidate the signature, while any change to the actual content does.
Commands
| Command | Description |
|---|---|
sign --key <id> PATHS... |
Sign markdown files with GPG |
verify PATHS... |
Verify GPG signatures (exit 1 on failure) |
strip PATHS... |
Remove signature fields from front matter |
status PATHS... |
Report unsigned / valid / invalid per file |
All commands accept files and/or directories. Directories are walked recursively for .md files with YAML front matter. Global flags: --verbose, --dry-run.
License
MIT
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file sigmark-0.1.0.tar.gz.
File metadata
- Download URL: sigmark-0.1.0.tar.gz
- Upload date:
- Size: 5.6 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.12.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
da025952b55050a6239e724db5fc21a0e4003a751f1b5254464459eacb9c73a5
|
|
| MD5 |
e149296010733ee85ca91690c08ddcaa
|
|
| BLAKE2b-256 |
7e118198ded87020be6d5c7be97bdaeb797b8248a54264bd40ef161538eb24e6
|
File details
Details for the file sigmark-0.1.0-py3-none-any.whl.
File metadata
- Download URL: sigmark-0.1.0-py3-none-any.whl
- Upload date:
- Size: 6.8 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.12.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
ba6fffcd6c5af1c93aeba01a5665b8cffc5b4bdcbe2261916395555e2c5c055d
|
|
| MD5 |
2fdd4038ddfea8328fe3efc1c8831392
|
|
| BLAKE2b-256 |
1e5f708ab7b74b17ac63abd1f700ae189c725dec428ef1391ff520fb230b3cff
|
