Shawn O. Pearce wrote: > Well, the idea was to sign the diff, but in a way that would > reasonably allow it to be applied with limited fuzz, such as what > git-apply would accept. Thus signed changes could be emailed out > by git format-patch and git send-email, and applied with git am, > and the signature is still valid so long as the committer didn't > mess with the patch. > > Obviously if a commit was reverted and then reapplied again later, > yes, the signature on the reapply may actually be valid, as the > parents weren't taken into consideration. I have realized I have been mixing things up; I was talking about authors but mostly thinking about committers. The solution you proposed tracked the author, so my question about it being reapplied was a bit meaningless since the signature did not say anything about the committer. My apologies. As with having separate author and committer fields, would it make sense to allow author and committer signatures? Just leaving aside the issue of how much text it would take up for now, the committer's signature could be created as tag signatures are, while the author's could be as you originally described and would track the content. If it reapplied to a different parent, then the signature would be OK, but the committer would be listed as the one who reapplied it. This would match how rebase works. A project operating like the Linux kernel with patches only pulled and emailed might use the author signature without the committer one. I don't think there is any case for committer signing only. If you ever merged or rebased, you automatically strip any committer signature. If the operation succeeds, and the diff against the parent matches the original diff, you could reuse the original author signature. Arunan "Misys" is the trade name for Misys plc (registered in England and Wales). Registration Number: 01360027. Registered office: One Kingdom Street, London W2 6BL, United Kingdom. For a list of Misys group operating companies please go to http://www.misys.com/html/about_us/group_operating_companies/. This email and any attachments have been scanned for known viruses using multiple scanners. This email message is intended for the named recipient only. It may be privileged and/or confidential. If you are not the named recipient of this email please notify us immediately and do not copy it or use it for any purpose, nor disclose its contents to any other person. This email does not constitute the commencement of legal relations between you and Misys plc. Please refer to the executed contract between you and the relevant member of the Misys group for the identity of the contracting party with which you are dealing. -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
