On Wed, Dec 16, 2015 at 10:12:12AM -0800, Junio C Hamano wrote: > I do not quite understand how that would help anything. I do not > personally believe in projects that wants to sign each and every > commit, but to them, "an empty signed commit on top" would not fix > anything once they have an unsigned commit at the tip of a public > branch. And for those that care about only the tip to be signed, > instead of adding such an empty commit, you would rebuild and sign > your work on top of that unsigned public tip and push back---at > which point the tip of the public branch would have a signature from > you. So such an empty signed commit would either not help, or not > necessary, to make the resulting history kosher again. > Checking all commits was a mistake I made because of misinterpreting the git-merge code. Only the tip should be checked for a signature. And the reason to get it signed instead of just signing the commits rebased on top is to defer to the judgement of the author of the branch you're rebasing onto instead of checking the unsigned commits for validity yourself. As I understand it, this is the same reason for the existence of --verify-signatures for git-merge. Otherwise the same argument could be made for git-merge - just do whatever cleanup you need after merging and sign it yourself. Or maybe I haven't grasped what --verify-signatures is for. -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html