>>> - The origin information is no longer cryptographically protected (under >>> certain circumstances this could be considered an advantage and a >>> disadvantage at the same time). > >> I haven't thought enough about it to decide whether there is a scenario >> where making such a "cherry-picked from" annotation might make use of >> that property. > > Being able to subvert the authenticity of git blame by providing fake > origin information is not very appealing. You could use a dummy submodule to ensure that each commit pointed to the right set of notes. It would force to create a separate commit whenever you modified the notes, which is actually not bad. Alternatively, the header of the commit can be modified to add a pointer to a tree object for the notes; I suppose this is more palatable than the origin link. The tree could be organized in directories+blobs like .git/objects to speed up the lookup. I actually like the commit notes idea, but then I wonder: why are the author and committer part of the commit object? How does the plumbing use them? Isn't that metadata that could live in the "notes"? And so, why should the origin link have less privileges? Paolo -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
