"brian m. carlson" <sandals@xxxxxxxxxxxxxxxxxxxx> writes:
> In the future, we'll want to allow a user to sign both the SHA-1 version
> of a tag and the SHA-256 version at the same time. Since for SHA-1 the
> signature is appended to the tag message, we must use a different way to
> allow multiple signature.
"multiple signatureS"?
> The transition plan envisions this using a gpgsig-sha256 header, much as
> for commits. Refactor the commit code that performs parsing of this
> header and use it for tags that use SHA-256. Check that we get tags in
> the correct format depending on what algorithm we're using.
Sounds sensible.
> diff --git a/t/t6300-for-each-ref.sh b/t/t6300-for-each-ref.sh
> index b3c1092338..caeabfb293 100755
> --- a/t/t6300-for-each-ref.sh
> +++ b/t/t6300-for-each-ref.sh
> @@ -54,6 +54,17 @@ test_atom() {
> "
> }
>
> +test_atom_hash () {
> + local val
> + if [ "$(test_oid algo)" = sha1 ]
> + then
if test "$(...)" = sha1
then
I saw there are a few other copies of these in the result of
applying the whole series.
> + else
> +
> + git cat-file tag "$1" | sed -e '/^gpgsig-sha256/{s/^gpgsig-sha256 //;h;d};/^ /d;${p;x;/^$/d}'
Please line-wrap an overlong line, immediately after the pipe '|' character.
> + fi
> }
