Michael J Gruber <git@xxxxxxxxxxxxxxxxxxxx> writes:
> According to gpg2's doc/DETAILS:
> "For each signature only one of the codes GOODSIG, BADSIG, EXPSIG,
> EXPKEYSIG, REVKEYSIG or ERRSIG will be emitted."
>
> gpg1 ("classic") behaves the same (although doc/DETAILS
> differs).
>
> Currently, we parse gpg's status output for GOODSIG, BADSIG and trust
> information and translate that into status codes G, B, U, N for the %G?
> format specifier.
>
> git-verify-* returns success in the GOODSIG case only. This is somewhat in
> disagreement with gpg, which considers the first 5 of the 6 above as VALIDSIG,
> but we err on the very safe side.
>
> Introduce additional status codes E, X, R for ERRSIG, EXP*SIG, REVKEYSIG
> so that a user of %G? gets more information about the absence of a 'G'
> on first glance.
>
> Reported-by: Alex <agrambot@xxxxxxxxx>
> Signed-off-by: Michael J Gruber <git@xxxxxxxxxxxxxxxxxxxx>
That probably was requested-by, but that's OK.
> I'd be happy to learn are more portable/safer/cooler way to make gpg forget
> that key in the added test...
We seem to set GNUPGHOME to $HOME/gnupg-home-not-used in test-lib.sh
to say "No gnupg keys for you!" for all the tests by default, which
is overriden by the signature tests like 7510. I do not know if
that is more portable/safer/cooler than setting it to /dev/null but
imitating it might be a way for you to push the potential problem
away to other people ;-) If it becomes an issue to set it to a
directory that does not exist with an updated future version of GPG,
this new test will share the same problem with everybody else, and
hopefully the solution would be the same ;-)
Having said that, if GNUPGHOME=/dev/null works for you, that's good
enough for now, so that people on other platforms can test it and
report.
Thanks.
> diff --git a/t/t7510-signed-commit.sh b/t/t7510-signed-commit.sh
> index 6e839f5..fd22742 100755
> --- a/t/t7510-signed-commit.sh
> +++ b/t/t7510-signed-commit.sh
> @@ -190,7 +190,7 @@ test_expect_success GPG 'show bad signature with custom format' '
> test_cmp expect actual
> '
>
> -test_expect_success GPG 'show unknown signature with custom format' '
> +test_expect_success GPG 'show untrusted signature with custom format' '
> cat >expect <<-\EOF &&
> U
> 61092E85B7227189
> @@ -200,6 +200,15 @@ test_expect_success GPG 'show unknown signature with custom format' '
> test_cmp expect actual
> '
>
> +test_expect_success GPG 'show unknown signature with custom format' '
> + cat >expect <<-\EOF &&
> + E
> + 61092E85B7227189
> + EOF
> + GNUPGHOME=/dev/null git log -1 --format="%G?%n%GK" eighth-signed-alt >actual &&
> + test_cmp expect actual
> +'
> +
> test_expect_success GPG 'show lack of signature with custom format' '
> cat >expect <<-\EOF &&
> N