The same ^M is shown in the output of tutorial
https://www.geekality.net/2017/08/23/setting-up-gpg-signing-for-gitgithub-on-windows/
at item "4. Verify commit was signed"
I confirm the output is right (no ^M characters) with commands
git verify-commit HEAD
git -p verify-commit HEAD
git verify-commit --v HEAD
git verify-commit --raw HEAD
and wrong (ending with ^M characters) with
git log --show-signature -1 HEAD
git -p log --show-signature -1 HEAD
I need gpg version 2.1 or greater to generate a gpg key for my windows
system, as stated by the github documentation:
https://help.github.com/articles/generating-a-new-gpg-key/
that saves my keys in ~/AppData/Roaming/GnuPG.
2018-03-05 15:29 GMT+01:00 Johannes Schindelin <Johannes.Schindelin@xxxxxx>:
> Hi Larry,
>
> On Sun, 4 Mar 2018, Larry Hunter wrote:
>
>> There is bug using "git log --show-signature" in my installation
>>
>> git 2.16.2.windows.1
>> gpg (GnuPG) 2.2.4
>> libgcrypt 1.8.2
>
> The gpg.exe shipped in Git for Windows should say something like this:
>
> $ gpg --version
> gpg (GnuPG) 1.4.22
> Copyright (C) 2015 Free Software Foundation, Inc.
> License GPLv3+: GNU GPL version 3 or later
> <http://gnu.org/licenses/gpl.html>
> This is free software: you are free to change and redistribute it.
> There is NO WARRANTY, to the extent permitted by law.
>
> Home: ~/.gnupg
> Supported algorithms:
> Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA
> Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
> CAMELLIA128, CAMELLIA192, CAMELLIA256
> Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
> Compression: Uncompressed, ZIP, ZLIB, BZIP2
>
> Therefore, the GNU Privacy Guard version you use is not the one shipped
> and supported by the Git for Windows project.
>
>> that prints (with colors) an extra ^M (carriage return?) at the end of
>> the gpg lines. As an example, the output of "git log --show-signature
>> HEAD" looks like:
>>
>> $ git log --show-signature HEAD
>> commit 46c490188ebd216f20c454ee61108e51b481844e (HEAD -> master)
>> gpg: Signature made 03/04/18 16:53:06 ora solare Europa occidentale^M
>> gpg: using RSA key ...^M
>> gpg: Good signature from "..." [ultimate]^M
>> Author: ... <...>
>> Date: Sun Mar 4 16:53:06 2018 +0100
>> ...
>>
>> To help find a fix, I tested the command "git verify-commit HEAD" that
>> prints (without colors) the same lines without extra ^M characters.
>>
>> $ git verify-commit HEAD
>> gpg: Signature made 03/04/18 16:53:06 ora solare Europa occidentale
>> gpg: using RSA key ...
>> gpg: Good signature from "..." [ultimate]
>
> My guess is that the latter command simply does not go through the pager
> while the former does.
>
> Do you see the ^M in the output of `git -p verify-commit HEAD`?
>
> Ciao,
> Johannes
