On 10/31/2011 03:44 PM, Junio C Hamano wrote: > "H. Peter Anvin" <hpa@xxxxxxxxx> writes: > >> On 10/31/2011 03:30 PM, Linus Torvalds wrote: >>> >>> But if you do the normal "git pull git://git.kernel.org/name/of/repo" >>> - which is how things happen as a result of a pull request - you won't >>> get tags at all - you have to ask for them by name or use "--tags" to >>> get them all. >>> >> >> Didn't realize that... I guess I'm too used to named remotes. >> >> If so, just using a tag should be fine, no? > > So nobody is worried about this (quoting from my earlier message)? > > On the other hand, the consumers of "Linus kernel" may want to say that > they trust your tree and your tags because they can verify them with your > GPG signature, but also they can independently verify the lieutenants' > trees you pulled from are genuine. > > A signed emphemeral tag is usable as means to verify authenticity in a > hop-by-hop fashion, but that does not leave a permanent trail that can be > used for auditing. > Well, the permanent trail is in the maintainer's tree, but that might still be suboptimal. The problem with Linus pulling those tags I assume that it makes the tree too noisy? -hpa -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html