Re: [PATCHv2 3/6] verify-commit: scriptable commit signature verification

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Jeff King venit, vidit, dixit 13.06.2014 13:50:
> On Fri, Jun 13, 2014 at 01:45:58PM +0200, Michael J Gruber wrote:
> 
>> I sneekily fix this in 6/6... I thought 3/6 is on next already, too late
>> for a real v2. Otherwise I would put 6/6 before everything else.
> 
> Ah, yeah, I assumed we were still re-rolling (and it looks like you're
> just on pu so far).

We are, I had misread a "What's cooking". So a reroll it is.

>> About the peeling I'm not so sure, since there's a difference between a
>> signed tag pointing to a commit and a signed commit.
> 
> There is, but "verify-commit" is always going to verify the commit, no?
> Not peeling will always result in an error, and never do anything
> useful.
> 
> I admit it's probably not going to come up too often, though. And I
> don't have any argument beyond "it makes sense to me", so I won't push
> for it further.
> 
> -Peff

I guess it boils down to the fact how plumberish it's supposed to be.
Since it's about verification, for some definition of "verify", I'd
rather apply as few automatisms as possible. If the caller wants to know
whether commit deadbeef carries a valid commit signature I'd rather
check that very object.

I also picture doing the "git-verify" thing in the future (with
"--commit" and "--tag" options which make the command insist on the
object type), and then we would not want to peel tags under the hood.

Michael
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]