On Fri, Jan 22, 2021 at 11:58:19PM -0500, Jeff King wrote:
> We also rely on system gzip. That's pretty stable, but I have heard tell
> that even `gzip -n` may differ on platforms.
The signatures are made against uncompressed .tar output, so this is not a
consideration.
> Another fun one I saw recently: using export-subst with $Format:%h$ will
> produce different results depending on how many objects are present in
> the repository running git-archive.
As long as the output is the same with thhe flags we specified in the
comment, we're still okay. E.g.:
-----BEGIN PGP SIGNATURE-----
Comment: This signature is for the .tar version of the archive
Comment: git archive --format tar --prefix=linux-5.10.9/ v5.10.9
Comment: git version 2.30.0
If running "git archive --format tar --prefix=linux-5.10.9/ v5.10.9" becomes
non-deterministic within the same version of git, *then* I'm in trouble. It's
been remarkably stable within the past 8 years, so I don't expect there's a
dramatic reason why "--format tar" output would need to change -- it's not
like the tar spec is much of a moving target.
-K
