On Thu, 2018-12-13 at 16:22 -0500, John Passaro wrote: > Currently, users who do not have GPG installed have no way to discern > signed from unsigned commits without examining raw commit data. I > propose two new pretty-print placeholders to expose this information: > > %GR: full ("R"aw) contents of gpgsig header > %G+: Y/N if the commit has nonempty gpgsig header or not > > The second is of course much more likely to be used, but having exposed > the one, exposing the other too adds almost no complexity. > > I'm open to suggestion on the names of these placeholders. > > This commit is based on master but e5a329a279 ("run-command: report exec > failure" 2018-12-11) is required for the tests to pass. > > One note is that this change touches areas of the pretty-format > documentation that are radically revamped in aw/pretty-trailers: see > 42617752d4 ("doc: group pretty-format.txt placeholders descriptions" > 2018-12-08). I have another version of this branch based on that branch > as well, so you can use that in case conflicts with aw/pretty-trailers > arise. > > See: > - https://github.com/jpassaro/git/tree/jp/pretty-expose-gpgsig > - https://github.com/jpassaro/git/tree/jp/pretty-expose-gpgsig--based-on-aw-pretty-trailers > > John Passaro (4): > pretty: expose raw commit signature > t/t7510-signed-commit.sh: test new placeholders > doc, tests: pretty behavior when gpg missing > docs/pretty-formats: add explanation + copy edits > > Documentation/pretty-formats.txt | 21 ++++-- > pretty.c | 36 ++++++++- > t/t7510-signed-commit.sh | 125 +++++++++++++++++++++++++++++-- > 3 files changed, 167 insertions(+), 15 deletions(-) > > > base-commit: 5d826e972970a784bd7a7bdf587512510097b8c7 > prerequisite-patch-id: aedfe228fd293714d9cd0392ac22ff1cba7365db Just a suggestion: since the raw signature is not very useful without the commit data to check it against, and the commit data is non-trivial to construct (requires mangling raw data anyway), maybe you could either add another placeholder to get the data for signature verification, or (alternatively or simultaneously) add a placeholder that prints both data and signature in the OpenPGP message format (i.e. something you can pass straight to 'gpg --verify'). -- Best regards, Michał Górny
Attachment:
signature.asc
Description: This is a digitally signed message part