<feed xmlns='http://www.w3.org/2005/Atom'>
<title>git/t/t7510-signed-commit.sh, branch v2.3.5</title>
<subtitle>Mirror of https://git.kernel.org/pub/scm/git/git.git/
</subtitle>
<id>https://git.shady.money/git/atom?h=v2.3.5</id>
<link rel='self' href='https://git.shady.money/git/atom?h=v2.3.5'/>
<link rel='alternate' type='text/html' href='https://git.shady.money/git/'/>
<updated>2015-03-23T18:23:20Z</updated>
<entry>
<title>Merge branch 'mg/verify-commit' into maint</title>
<updated>2015-03-23T18:23:20Z</updated>
<author>
<name>Junio C Hamano</name>
<email>gitster@pobox.com</email>
</author>
<published>2015-03-23T18:23:19Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/git/commit/?id=82b6e331a4f07b6e0080f7d18b4189d53190a04e'/>
<id>urn:sha1:82b6e331a4f07b6e0080f7d18b4189d53190a04e</id>
<content type='text'>
Workarounds for certain build of GPG that triggered false breakage
in a test.

* mg/verify-commit:
  t7510: do not fail when gpg warns about insecure memory
</content>
</entry>
<entry>
<title>t7510: do not fail when gpg warns about insecure memory</title>
<updated>2015-03-10T22:25:22Z</updated>
<author>
<name>Kyle J. McKay</name>
<email>mackyle@gmail.com</email>
</author>
<published>2015-03-09T20:03:01Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/git/commit/?id=3f88c1b524b47560a8ef520d7d702c95261d0a97'/>
<id>urn:sha1:3f88c1b524b47560a8ef520d7d702c95261d0a97</id>
<content type='text'>
Depending on how gpg was built, it may issue the following
message to stderr when run:

  Warning: using insecure memory!

When the test is collecting gpg output it is therefore not
enough to just match on a "gpg: " prefix it must also match
on a "Warning: " prefix wherever it needs to match lines
that have been produced by gpg.

Signed-off-by: Kyle J. McKay &lt;mackyle@gmail.com&gt;
Acked-by: Michael J Gruber &lt;git@drmicha.warpmail.net&gt;
Signed-off-by: Junio C Hamano &lt;gitster@pobox.com&gt;
</content>
</entry>
<entry>
<title>Merge branch 'mg/verify-commit'</title>
<updated>2014-07-10T18:27:34Z</updated>
<author>
<name>Junio C Hamano</name>
<email>gitster@pobox.com</email>
</author>
<published>2014-07-10T18:27:33Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/git/commit/?id=39177c7f184b4c07a1f53f99f59c920c3fb6222d'/>
<id>urn:sha1:39177c7f184b4c07a1f53f99f59c920c3fb6222d</id>
<content type='text'>
Add 'verify-commit' to be used in a way similar to 'verify-tag' is
used.  Further work on verifying the mergetags might be needed.

* mg/verify-commit:
  t7510: test verify-commit
  t7510: exit for loop with test result
  verify-commit: scriptable commit signature verification
  gpg-interface: provide access to the payload
  gpg-interface: provide clear helper for struct signature_check
</content>
</entry>
<entry>
<title>move "%G" format test from t7510 to t6006</title>
<updated>2014-06-25T22:01:06Z</updated>
<author>
<name>Jeff King</name>
<email>peff@peff.net</email>
</author>
<published>2014-06-25T21:42:17Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/git/commit/?id=958b2eb26c82f9d99d1fb4d3270601d0a18eaf38'/>
<id>urn:sha1:958b2eb26c82f9d99d1fb4d3270601d0a18eaf38</id>
<content type='text'>
The final test in t7510 checks that "--format" placeholders
that look similar to GPG placeholders (but that we don't
actually understand) are passed through. That test was
placed in t7510, since the other GPG placeholder tests are
there. However, it does not have a GPG prerequisite, because
it is not actually checking any signed commits.

This causes the test to erroneously fail when gpg is not
installed on a system, however. Not because we need signed
commits, but because we need _any_ commit to run "git log".
If we don't have gpg installed, t7510 doesn't create any
commits at all.

We can fix this by moving the test into t6006. This is
arguably a better place anyway, because it is where we test
most of the other placeholders (we do not test GPG
placeholders there because of the infrastructure needed to
make signed commits).

Signed-off-by: Jeff King &lt;peff@peff.net&gt;
Signed-off-by: Junio C Hamano &lt;gitster@pobox.com&gt;
</content>
</entry>
<entry>
<title>t7510: test verify-commit</title>
<updated>2014-06-23T22:50:31Z</updated>
<author>
<name>Michael J Gruber</name>
<email>git@drmicha.warpmail.net</email>
</author>
<published>2014-06-23T07:05:51Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/git/commit/?id=8e92c2cf37038a3b3bb82724f018e4d0ab1180ff'/>
<id>urn:sha1:8e92c2cf37038a3b3bb82724f018e4d0ab1180ff</id>
<content type='text'>
This mixes the "git verify-commit" tests in with the "git show
--show-signature" tests, to keep the tests more readable.

The tests already mix in the "call show" tests with the "verify" tests.
So in case of a test beakage, a '-v' run would be needed to reveal the
exact point of breakage anyway.

Additionally, test the actual output of "git verify-commit" and "git
show --show-signature" and compare to "git cat-file".

Signed-off-by: Michael J Gruber &lt;git@drmicha.warpmail.net&gt;
Signed-off-by: Junio C Hamano &lt;gitster@pobox.com&gt;
</content>
</entry>
<entry>
<title>t7510: exit for loop with test result</title>
<updated>2014-06-23T22:50:31Z</updated>
<author>
<name>Michael J Gruber</name>
<email>git@drmicha.warpmail.net</email>
</author>
<published>2014-06-23T07:05:50Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/git/commit/?id=0f109c92b07eb13ffc675a7e98e9cfc3fee42994'/>
<id>urn:sha1:0f109c92b07eb13ffc675a7e98e9cfc3fee42994</id>
<content type='text'>
t7510 uses for loops in a subshell, which need to make sure that the test
returns with the appropriate error code from within the loop.

Restructure the loops as the usual &amp;&amp; chains with a single point of
"exit 1" at the end of the loop to make this clearer.

Signed-off-by: Michael J Gruber &lt;git@drmicha.warpmail.net&gt;
Signed-off-by: Junio C Hamano &lt;gitster@pobox.com&gt;
</content>
</entry>
<entry>
<title>pretty: avoid reading past end-of-string with "%G"</title>
<updated>2014-06-17T20:41:41Z</updated>
<author>
<name>Jeff King</name>
<email>peff@peff.net</email>
</author>
<published>2014-06-17T00:07:07Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/git/commit/?id=aa4b78d483a918ebee810993e420b4697b0de4d3'/>
<id>urn:sha1:aa4b78d483a918ebee810993e420b4697b0de4d3</id>
<content type='text'>
If the user asks for --format=%G with nothing else, we
correctly realize that "%G" is not a valid placeholder (it
should be "%G?", "%GK", etc). But we still tell the
strbuf_expand code that we consumed 2 characters, causing it
to jump over the trailing NUL and output garbage.

This also fixes the case where "%GX" would be consumed (and
produce no output). In other cases, we pass unrecognized
placeholders through to the final string.

Signed-off-by: Jeff King &lt;peff@peff.net&gt;
Signed-off-by: Junio C Hamano &lt;gitster@pobox.com&gt;
</content>
</entry>
<entry>
<title>t7510: check %G* pretty-format output</title>
<updated>2014-06-17T20:41:39Z</updated>
<author>
<name>Jeff King</name>
<email>peff@peff.net</email>
</author>
<published>2014-06-17T00:06:24Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/git/commit/?id=06ca0f45a063f7186cce96a58a5fb6bef16ec204'/>
<id>urn:sha1:06ca0f45a063f7186cce96a58a5fb6bef16ec204</id>
<content type='text'>
We do not check these along with the other pretty-format
placeholders in t6006, because we need signed commits to
make them interesting. t7510 has such commits, and can
easily exercise them in addition to the regular
--show-signature code path.

Signed-off-by: Jeff King &lt;peff@peff.net&gt;
Signed-off-by: Junio C Hamano &lt;gitster@pobox.com&gt;
</content>
</entry>
<entry>
<title>t7510: test a commit signed by an unknown key</title>
<updated>2014-06-17T20:41:28Z</updated>
<author>
<name>Jeff King</name>
<email>peff@peff.net</email>
</author>
<published>2014-06-17T00:05:54Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/git/commit/?id=4baf839fe0e71dca3f26198b7a4faab439fa2ef6'/>
<id>urn:sha1:4baf839fe0e71dca3f26198b7a4faab439fa2ef6</id>
<content type='text'>
We tested both good and bad signatures, but not ones made
correctly but with a key for which we have no trust.

Signed-off-by: Jeff King &lt;peff@peff.net&gt;
Signed-off-by: Junio C Hamano &lt;gitster@pobox.com&gt;
</content>
</entry>
<entry>
<title>t7510: use consistent &amp;&amp;-chains in loop</title>
<updated>2014-06-17T20:39:52Z</updated>
<author>
<name>Michael J Gruber</name>
<email>git@drmicha.warpmail.net</email>
</author>
<published>2014-06-17T00:03:43Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/git/commit/?id=7b1732c11605f84b809bd120401df49866c27141'/>
<id>urn:sha1:7b1732c11605f84b809bd120401df49866c27141</id>
<content type='text'>
We check multiple commits in a loop. Because we want to
break out of the loop if any single iteration fails, we use
a subshell/exit like:

  (
	for i in $stuff
	do
		do-something $i || exit 1
	done
  )

However, we are inconsistent in our loop body. Some commands
get their own "|| exit 1", and others try to chain to the
next command with "&amp;&amp;", like:

  X &amp;&amp;
  Y || exit 1
  Z || exit 1

This is a little hard to read and follow, because X and Y
are treated differently for no good reason. But much worse,
the second loop follows a similar pattern and gets it wrong.
"Y" is expected to fail, so we use "&amp;&amp; exit 1", giving us:

  X &amp;&amp;
  Y &amp;&amp; exit 1
  Z || exit 1

That gets the test for X wrong (we do not exit unless both X
fails and Y unexpectedly succeeds, but we would want to exit
if _either_ is wrong). We can write this clearly and
correctly by consistently using "&amp;&amp;", followed by a single
"|| exit 1", and negating Y with "!" (as we would in a
normal &amp;&amp;-chain). Like:

  X &amp;&amp;
  ! Y &amp;&amp;
  Z || exit 1

Signed-off-by: Jeff King &lt;peff@peff.net&gt;
Signed-off-by: Junio C Hamano &lt;gitster@pobox.com&gt;
</content>
</entry>
</feed>
