We tested both good and bad signatures, but not ones made correctly but with a key for which we have no trust. Signed-off-by: Jeff King <peff@xxxxxxxx> --- I'm not happy about grepping more gpg output, but perhaps this "not certified" is no worse than the current 'Good signature from" greps we have? The internal code uses --status-fd, which is presumably more robust to changes. I dunno. I'd be inclined to go with this, and if it becomes a problem in a future gpg release, we can deal with it then. t/t7510-signed-commit.sh | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/t/t7510-signed-commit.sh b/t/t7510-signed-commit.sh index cdffcbd..04fc2c5 100755 --- a/t/t7510-signed-commit.sh +++ b/t/t7510-signed-commit.sh @@ -43,6 +43,9 @@ test_expect_success GPG 'create signed commits' ' test_tick && git rebase -f HEAD^^ && git tag sixth-signed HEAD^ && git tag seventh-signed + + echo 8 >file && test_tick && git commit -a -m eighth -SB7227189 && + git tag eighth-signed-alt ' test_expect_success GPG 'show signatures' ' @@ -63,6 +66,16 @@ test_expect_success GPG 'show signatures' ' ! grep "BAD signature from" actual && echo $commit OK || exit 1 done + ) && + ( + for commit in eighth-signed-alt + do + git show --pretty=short --show-signature $commit >actual && + grep "Good signature from" actual && + ! grep "BAD signature from" actual && + grep "not certified" actual && + echo $commit OK || exit 1 + done ) ' -- 2.0.0.566.gfe3e6b2 -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html