Thank you all very much! -Schrödinger On Wed, Jun 15, 2016 at 3:07 PM, Michael J Gruber <git@xxxxxxxxxxxxxxxxxxxx> wrote: > Jeff King venit, vidit, dixit 15.06.2016 06:34: >> On Wed, Jun 15, 2016 at 12:27:15PM +0800, ZhenTian wrote: >> >>> I got two more lines from gpg -v during commit with -S: >>> ``` >>> gpg: writing to stdout >>> gpg: RSA/SHA1 signature from: "2EF2AD6E Tian Zhen <tianzhen@xxxxxxxxxxxxxx>" >>> ``` >>> >>> after I commit, I push it to remote, but someone had pushed before to >>> master branch, so I pull on master branch(`git pull --rebase`), then I >>> check my commit via `git log --show-signature`, there is no signature >>> in it, so I commit it with --ament and -S again, the signature is come >>> back. >>> >>> I haven't check signature before push, because I have checked four >>> commits before, every commit is fine. >>> >>> I don't know whether the `git pull` influenced signature or not. >> >> Ah, so the problem is probably that you had a signature _initially_, but >> that it did not survive the rebase. Which makes sense, as rebase would >> need to re-sign. It does not by default, but you can tell it to do so >> with "-S". Or you can set `commit.gpgsign`, which should sign in both >> cases. > > While it's clear that a rebase invalidates the signature, we could try > to be more helpful here, especially given the fact that (with our model) > you can't sign a commit afterwards any more. > > commit.gpgsign signs everything, but there should be a mode for > re-signing signed commits, or at least a warning that rebase dropped a > signature so that you can --amend -S the last commit. > > Michael -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html