Hello Fabian
> Unfortunately the flag
> themselves are often named --gpg-sign / commit.gpgSign which we can't
> change. We might add a new, more generically named flag & config as an
> alias to these in the future.
Aliases sound like a good idea, this would allow for a slow phase-out of the old flags.
> Regarding the error messages I quite agree with you and had similar
> feedback with our internal testers. These error messages (invalid format
> & unexpected internal error) originate from ssh-keygen. I already
> checked if we can improve these but its not easy since those come from
> quite deep within ssh library code :/. I'll see what i can do, but since
> this changes ssh-keygen behaviour I'm not sure how well received changes
> like this would be.
I see. However, maybe some common cases (like missing or empty files) could be detected by git before even invoking the ssh-keygen command?
> When you say `gpg.ssh.allowedSigners` is not set is the option not
> present? or is it empty? The code should actually trigger
> `error(_("gpg.ssh.allowedSignersFile needs to be configured and exist
> for ssh signature verification"));` in this case.
The option `gpg.ssh.allowedSigners` is not present at all. I just checked again, and noticed that the error message you mentioned *is* there, however it's not part of the red error block, so I overlooked it: https://i.imgur.com/LLvrrxO.png
All other errors are part of the red error block, and are thus much more obvious to see.
Cheers,
Danilo
