Re: [PATCHv3 0/5] verify-commit: verify commit signatures

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, Jun 23, 2014 at 09:05:46AM +0200, Michael J Gruber wrote:

> This incorporates all remarks about the test coding guidelines and
> rearranging the series.
> 
> Open questions:
> - There was some debate about (optionally) verifying more than what
> git-verify-{commit,tag} currently do, or going for a generic git-verify command.
> The former would require both to be changed (in order to treat similar cases similarly),
> the latter would need a deprecation for git-verify-tag.

I think that a potential "git verify" doesn't need to block this series,
per the logic I gave elsewhere.

The one thing that does give me pause is that we do not seem to have any
way of accessing mergetag signatures. We should perhaps stop and think
for a second about how we might expose those (and whether it would fit
into the "git-verify-{commit,tag}" paradigm). I am tempted to say that
"git verify-tag" on a commit should verify the mergetag (right now it
would simply be an error). But I haven't though that hard on it.

I don't think implementation of that needs to be a blocker for this
series, but I'd rather see at least a vague plan so that we do not paint
ourselves into a corner.

> Michael J Gruber (5):
>   gpg-interface: provide clear helper for struct signature_check
>   gpg-interface: provide access to the payload
>   verify-commit: scriptable commit signature verification
>   t7510: exit for loop with test result
>   t7510: test verify-commit

I didn't see anything objectionable here. I think you may want to rebase
on top of jk/pretty-G-format-fixes. That makes your patch 4 redundant,
and your patch 5 will probably need a few minor updates to match
cleanups in the surrounding code.

-Peff
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]