On Thu, Oct 26, 2017 at 2:33 PM, Jonathan Nieder <jrnieder@xxxxxxxxx> wrote: > Hi again, > > Mkrtchyan, Tigran wrote: >> Jonathan Nieder wrote: >>> Tigran Mkrtchyan wrote: > >>>> In some workflows we have no control on how git command is executed, >>>> however a signed tags are required. >>> >>> Don't leave me hanging: this leaves me super curious. Can you tell me >>> more about these workflows? >> >> Well, this is a build/release process where we can't pass additional >> command line options to git. TO be hones, is case of annotated tags >> there is already option tag.forceSignAnnotated. However, non annotated >> tags are not forced to be signed. >> >> Additionally, the proposed option is symmetric with commit.gpgSign. > > Now I'm even more curious. I started digging and found https://public-inbox.org/git/20131105112840.GZ4589@xxxxxxxxxxxxxxxx/ which is an answer to "Why do we have commit.gpgSign?" which is a very similar question to begin with. Maybe the answer is also similar (bonus points if the answer also touches when to prefer one over the other)?
