<feed xmlns='http://www.w3.org/2005/Atom'>
<title>git/t/t7510-signed-commit.sh, branch v2.9.2</title>
<subtitle>Mirror of https://git.kernel.org/pub/scm/git/git.git/
</subtitle>
<id>https://git.shady.money/git/atom?h=v2.9.2</id>
<link rel='self' href='https://git.shady.money/git/atom?h=v2.9.2'/>
<link rel='alternate' type='text/html' href='https://git.shady.money/git/'/>
<updated>2016-05-13T20:18:27Z</updated>
<entry>
<title>Merge branch 'jc/commit-tree-ignore-commit-gpgsign'</title>
<updated>2016-05-13T20:18:27Z</updated>
<author>
<name>Junio C Hamano</name>
<email>gitster@pobox.com</email>
</author>
<published>2016-05-13T20:18:27Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/git/commit/?id=50b26f561298c58029d408f4b0c5bca20b7806a3'/>
<id>urn:sha1:50b26f561298c58029d408f4b0c5bca20b7806a3</id>
<content type='text'>
"git commit-tree" plumbing command required the user to always sign
its result when the user sets the commit.gpgsign configuration
variable, which was an ancient mistake.  Rework "git rebase" that
relied on this mistake so that it reads commit.gpgsign and pass (or
not pass) the -S option to "git commit-tree" to keep the end-user
expectation the same, while teaching "git commit-tree" to ignore
the configuration variable.  This will stop requiring the users to
sign commit objects used internally as an implementation detail of
"git stash".

* jc/commit-tree-ignore-commit-gpgsign:
  commit-tree: do not pay attention to commit.gpgsign
</content>
</entry>
<entry>
<title>commit-tree: do not pay attention to commit.gpgsign</title>
<updated>2016-05-03T17:59:25Z</updated>
<author>
<name>Junio C Hamano</name>
<email>gitster@pobox.com</email>
</author>
<published>2016-05-02T21:58:45Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/git/commit/?id=6694856153f85cb552cc92d75ddeabf5bdec4f20'/>
<id>urn:sha1:6694856153f85cb552cc92d75ddeabf5bdec4f20</id>
<content type='text'>
ba3c69a9 (commit: teach --gpg-sign option, 2011-10-05) introduced a
"signed commit" by teaching the --[no]-gpg-sign option and the
commit.gpgsign configuration variable to various commands that
create commits.

Teaching these to "git commit" and "git merge", both of which are
end-user facing Porcelain commands, was perfectly fine.  Allowing
the plumbing "git commit-tree" to suddenly change the behaviour to
surprise the scripts by paying attention to commit.gpgsign was not.

Among the in-tree scripts, filter-branch, quiltimport, rebase and
stash are the commands that run "commit-tree".  If any of these
wants to allow users to always sign every single commit, they should
offer their own configuration (e.g. "filterBranch.gpgsign") with an
option to disable signing (e.g. "git filter-branch --no-gpgsign").

Ignoring commit.gpgsign option _obviously_ breaks the backward
compatibility, but it is easy to follow the standard pattern in
scripts to honor whatever configuration variable they choose to
follow.  E.g.

	case $(git config --bool commit.gpgsign) in
	true) sign=-S ;;
	*) sign= ;;
	esac &amp;&amp;
	git commit-tree $sign ...whatever other args...

Do so to make sure that "git rebase" keeps paying attention to the
configuration variable, which unfortunately is a documented mistake.

Helped-by: Jeff King &lt;peff@peff.net&gt;
Signed-off-by: Junio C Hamano &lt;gitster@pobox.com&gt;
</content>
</entry>
<entry>
<title>verify-commit: add option to print raw gpg status information</title>
<updated>2015-06-22T21:20:47Z</updated>
<author>
<name>brian m. carlson</name>
<email>sandals@crustytoothpaste.net</email>
</author>
<published>2015-06-21T23:14:42Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/git/commit/?id=aeff29dd4dab01b497b2a2cf73e982e846a5fe4c'/>
<id>urn:sha1:aeff29dd4dab01b497b2a2cf73e982e846a5fe4c</id>
<content type='text'>
verify-commit by default displays human-readable output on standard
error.  However, it can also be useful to get access to the raw gpg
status information, which is machine-readable, allowing automated
implementation of signing policy.  Add a --raw option to make
verify-commit produce the gpg status information on standard error
instead of the human-readable format.

Signed-off-by: brian m. carlson &lt;sandals@crustytoothpaste.net&gt;
Signed-off-by: Junio C Hamano &lt;gitster@pobox.com&gt;
</content>
</entry>
<entry>
<title>gpg: centralize signature check</title>
<updated>2015-06-22T21:20:46Z</updated>
<author>
<name>brian m. carlson</name>
<email>sandals@crustytoothpaste.net</email>
</author>
<published>2015-06-21T23:14:40Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/git/commit/?id=434060ec6d9bf50f095db901da3fb9b557e11df1'/>
<id>urn:sha1:434060ec6d9bf50f095db901da3fb9b557e11df1</id>
<content type='text'>
verify-commit and verify-tag both share a central codepath for verifying
commits: check_signature.  However, verify-tag exited successfully for
untrusted signature, while verify-commit exited unsuccessfully.
Centralize this signature check and make verify-commit adopt the older
verify-tag behavior.  This behavior is more logical anyway, as the
signature is in fact valid, whether or not there's a path of trust to
the author.

Signed-off-by: brian m. carlson &lt;sandals@crustytoothpaste.net&gt;
Signed-off-by: Junio C Hamano &lt;gitster@pobox.com&gt;
</content>
</entry>
<entry>
<title>verify-commit: add test for exit status on untrusted signature</title>
<updated>2015-06-22T21:20:46Z</updated>
<author>
<name>brian m. carlson</name>
<email>sandals@crustytoothpaste.net</email>
</author>
<published>2015-06-21T23:14:39Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/git/commit/?id=8e98e5f27aba812c0f095b7e546871e14a4139f6'/>
<id>urn:sha1:8e98e5f27aba812c0f095b7e546871e14a4139f6</id>
<content type='text'>
verify-tag exits successfully if the signature is good but the key is
untrusted.  verify-commit exits unsuccessfully.  This divergence in
behavior is unexpected and unwanted.  Since verify-tag existed earlier,
add a failing test to have verify-commit share verify-tag's behavior.

Signed-off-by: brian m. carlson &lt;sandals@crustytoothpaste.net&gt;
Signed-off-by: Junio C Hamano &lt;gitster@pobox.com&gt;
</content>
</entry>
<entry>
<title>Merge branch 'jk/test-chain-lint'</title>
<updated>2015-03-26T18:57:14Z</updated>
<author>
<name>Junio C Hamano</name>
<email>gitster@pobox.com</email>
</author>
<published>2015-03-26T18:57:13Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/git/commit/?id=30db51a3fec68bfa5a59b9b3886162f536e37320'/>
<id>urn:sha1:30db51a3fec68bfa5a59b9b3886162f536e37320</id>
<content type='text'>
People often forget to chain the commands in their test together
with &amp;&amp;, leaving a failure from an earlier command in the test go
unnoticed.  The new GIT_TEST_CHAIN_LINT mechanism allows you to
catch such a mistake more easily.

* jk/test-chain-lint: (36 commits)
  t9001: drop save_confirm helper
  t0020: use test_* helpers instead of hand-rolled messages
  t: simplify loop exit-code status variables
  t: fix some trivial cases of ignored exit codes in loops
  t7701: fix ignored exit code inside loop
  t3305: fix ignored exit code inside loop
  t0020: fix ignored exit code inside loops
  perf-lib: fix ignored exit code inside loop
  t6039: fix broken &amp;&amp; chain
  t9158, t9161: fix broken &amp;&amp;-chain in git-svn tests
  t9104: fix test for following larger parents
  t4104: drop hand-rolled error reporting
  t0005: fix broken &amp;&amp;-chains
  t7004: fix embedded single-quotes
  t0050: appease --chain-lint
  t9001: use test_when_finished
  t4117: use modern test_* helpers
  t6034: use modern test_* helpers
  t1301: use modern test_* helpers
  t0020: use modern test_* helpers
  ...
</content>
</entry>
<entry>
<title>Merge branch 'mg/verify-commit'</title>
<updated>2015-03-20T20:11:51Z</updated>
<author>
<name>Junio C Hamano</name>
<email>gitster@pobox.com</email>
</author>
<published>2015-03-20T20:11:51Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/git/commit/?id=4c24385e80b333695470d3f4fdc28918a2d3108a'/>
<id>urn:sha1:4c24385e80b333695470d3f4fdc28918a2d3108a</id>
<content type='text'>
Workarounds for certain build of GPG that triggered false breakage
in a test.

* mg/verify-commit:
  t7510: do not fail when gpg warns about insecure memory
</content>
</entry>
<entry>
<title>t: fix trivial &amp;&amp;-chain breakage</title>
<updated>2015-03-20T17:20:14Z</updated>
<author>
<name>Jeff King</name>
<email>peff@peff.net</email>
</author>
<published>2015-03-20T10:07:15Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/git/commit/?id=99094a7ad484085b9f6849a8ebe1e23467c5bc14'/>
<id>urn:sha1:99094a7ad484085b9f6849a8ebe1e23467c5bc14</id>
<content type='text'>
These are tests which are missing a link in their &amp;&amp;-chain,
but during a setup phase. We may fail to notice failure in
commands that build the test environment, but these are
typically not expected to fail at all (but it's still good
to double-check that our test environment is what we
expect).

Signed-off-by: Jeff King &lt;peff@peff.net&gt;
Signed-off-by: Junio C Hamano &lt;gitster@pobox.com&gt;
</content>
</entry>
<entry>
<title>t7510: do not fail when gpg warns about insecure memory</title>
<updated>2015-03-10T22:25:22Z</updated>
<author>
<name>Kyle J. McKay</name>
<email>mackyle@gmail.com</email>
</author>
<published>2015-03-09T20:03:01Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/git/commit/?id=3f88c1b524b47560a8ef520d7d702c95261d0a97'/>
<id>urn:sha1:3f88c1b524b47560a8ef520d7d702c95261d0a97</id>
<content type='text'>
Depending on how gpg was built, it may issue the following
message to stderr when run:

  Warning: using insecure memory!

When the test is collecting gpg output it is therefore not
enough to just match on a "gpg: " prefix it must also match
on a "Warning: " prefix wherever it needs to match lines
that have been produced by gpg.

Signed-off-by: Kyle J. McKay &lt;mackyle@gmail.com&gt;
Acked-by: Michael J Gruber &lt;git@drmicha.warpmail.net&gt;
Signed-off-by: Junio C Hamano &lt;gitster@pobox.com&gt;
</content>
</entry>
<entry>
<title>Merge branch 'mg/verify-commit'</title>
<updated>2014-07-10T18:27:34Z</updated>
<author>
<name>Junio C Hamano</name>
<email>gitster@pobox.com</email>
</author>
<published>2014-07-10T18:27:33Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/git/commit/?id=39177c7f184b4c07a1f53f99f59c920c3fb6222d'/>
<id>urn:sha1:39177c7f184b4c07a1f53f99f59c920c3fb6222d</id>
<content type='text'>
Add 'verify-commit' to be used in a way similar to 'verify-tag' is
used.  Further work on verifying the mergetags might be needed.

* mg/verify-commit:
  t7510: test verify-commit
  t7510: exit for loop with test result
  verify-commit: scriptable commit signature verification
  gpg-interface: provide access to the payload
  gpg-interface: provide clear helper for struct signature_check
</content>
</entry>
</feed>
