Re: [PATCH v2] Add the tag.gpgsign option to sign all created tags

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Sun, Mar 20, 2016 at 10:50:48PM -0700, Junio C Hamano wrote:

> > Support `--no-sign` option to countermand configuration `tag.gpgsign`.
> 
> That sound quite counter-intuitive.
> [...]

I was the one who suggested --no-sign, as we usually like to have a way
to countermand the config. But having read your message, I agree that is
probably not the right mental model.

In particular, this:

> I can sort-of understand (but do not necessarily agree that it is a
> good idea) adding new two configurations, i.e.
> 
>  - "even without -a/-s, force the user to annotate the tag" is one
>    configuration, and
> 
>  - "even when the user did not say -s, force the user to sign an
>    annotated tag" is the other.
> 
> And with such a system, I can see why you would need an option
> "--lightweight" to force creation of a light-weight tag (i.e. to
> countermand the first one).  You can view this new option as
> something that sits next to existing -a/-s.  The current system lets
> user choose among the three variants (lightweight, annotated and
> signed) by not giving any, giving -a, and giving -s option
> respectively, but with the "--lightweight" option, the user can ask
> for one of the three explicitly, as opposed to using "lack of either
> -a/-s" as a signal to create lightweight one.

makes sense to me (though like you, I do not necessarily think it is a
good idea and would not use it myself).

Another similar approach would be to collapse this down to a single
variable that selects from the options. IOW:

  1. Add --lightweight for explicitly adding a lightweight tag.

  2. When we are creating a tag and none of "-a", "-s", or
     "--lightweight" is given, use the default given in
     tag.defaultTagType (or whatever we call it), which can
     be "lightweight", "annotated", or "signed".

  3. tag.defaultTagType defaults to "lightweight".

That is conceptually simpler to me, with the main differences being:

  - in yours, the second config would mean that an explicit "-a" implies
    "-s" (unless the user says --no-sign).

  - in mine, there is no way to kick in the signing _only_ when we are
    annotating. If you configure "signed", then you have to explicitly
    say "--lightweight" for lightweight tags.

I dunno. It sounds like Laurent would set it to "signed", and that would
do what he wants. But like I said, I would not plan to use the feature
myself, and I could see it ending up a little bit annoying when you _do_
want a lightweight tag.

-Peff
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]