move got_gotconfig_read() into new file read_gotconfig_privsep.c

move code for reading Git's config file into new file read_gitconfig_privsep.c The end goal here is to remove the dependency of repository.c on privsep.c during compilation.

move functions which open objects into new file object_open_privsep.c For the future, this will make it possible to provide alternative implementations of functions now stored in object_open_privsep.c. This will probably be needed by future gotd(8) which runs inside a chroot(2) environment and without the "exec" pledge(2) promise, making it impossible to run libexec helpers on the fly. Details of this design are not yet settled, but moving functions into a separate compilation unit won't hurt in any case.

create and verify tags signed by SSH keys This adds a new -s flag to 'got tag' that specifies the signer identity (for example, a key file) of the tagger. The tag object will include a signature that validates each of the tag object headers and the tag message. Verifying these signed tags requires maintaining an allowed signers file which maps signer identities (i.e. the email address of the tagger) to SSH public keys. See ssh-keygen(1) for more details of the allowed signers file. After creating this file and providing the path to it in got.conf(5) using the allowed_signers option, tags may be verified using with 'got tag -V tag_name'. The return code will be non-zero if a signature fails to verify. ok stsp@

use a bloom filter to avoid pointless pack index searches

fix regress/fetch build; broken by my renaming of got_fetch_parse_uri()

add per-worktree got.conf(5) file in the .got directory; ok millert

add a -q option to tests for quiet output and use it for 'make regress' Previous default output remains when test cases are run individually. ok tracey

tweak parse_uri() function, declare it as public API, and add a test for it