On 01/09/2014 09:11 PM, Junio C Hamano wrote: > Andy Lutomirski <luto@xxxxxxxxxxxxxx> writes: > >> It's possible, in principle, to shove enough metadata into the output >> of 'git archive' to allow anyone to verify (without cloning the repo) >> to verify that the archive is a correct copy of a given commit. Would >> this be considered a useful feature? >> >> Presumably there would be a 'git untar' command that would report >> failure if it fails to verify the archive contents. >> >> This could be as simple as including copies of the commit object and >> all relevant tree objects and checking all of the hashes when >> untarring. > > You only need the object name of the top-level tree. After "untar" > the archive into an empty directory, make it a new repository and > "git add . && git write-tree"---the result should match the > top-level tree the archive was supposed to contain. > [...] This wouldn't work if any files were excluded from the archive using gitattribute "export-ignore" (or "export-subst", which you already mentioned in a follow-up email). Michael -- Michael Haggerty mhagger@xxxxxxxxxxxx http://softwareswirl.blogspot.com/ -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html