From: Fox in the shell <KellerFuchs@hashbang.sh>
To: git@vger.kernel.org
Cc: "Michael J. Gruber" <git@drmicha.warpmail.net>,
"Brian M. Carlson" <sandals@crustytoothpaste.ath.cx>,
Junio C Hamano <gitster@pobox.com>
Subject: [PATCH] Documentation: clarify signature verification v2
Date: Thu, 12 May 2016 06:50:22 +0000 [thread overview]
Message-ID: <20160512065022.GA32387@hashbang.sh> (raw)
Hi,
Here is a second attempt at this patch.
Sorry for the delay, life somewhat got in the way.
--
Clarify which commits need to be signed.
Uniformise the vocabulary used wrt. key/signature validity with OpenPGP:
- a signature is valid if made by a key with a valid uid;
- in the default trust-model, a uid is valid if signed by a trusted key;
- a key is trusted if the (local) user set a trust level for it.
Thanks to Junio C Hamano <gitster@pobox.com> for reviewing
the first attempt at this patch.
---
Documentation/merge-options.txt | 7 +++++--
Documentation/pretty-formats.txt | 4 ++--
2 files changed, 7 insertions(+), 4 deletions(-)
diff --git a/Documentation/merge-options.txt b/Documentation/merge-options.txt
index f08e9b8..30808a0 100644
--- a/Documentation/merge-options.txt
+++ b/Documentation/merge-options.txt
@@ -89,8 +89,11 @@ option can be used to override --squash.
--verify-signatures::
--no-verify-signatures::
- Verify that the commits being merged have good and trusted GPG signatures
- and abort the merge in case they do not.
+ Verify that the tip commit of the side branch being merged is
+ signed with a valid key, i.e. a key that has a valid uid: in the
+ default trust model, this means the signing key has been signed by
+ a trusted key. If the tip commit of the side branch is not signed
+ with a valid key, the merge is aborted.
--summary::
--no-summary::
diff --git a/Documentation/pretty-formats.txt b/Documentation/pretty-formats.txt
index 671cebd..29b19b9 100644
--- a/Documentation/pretty-formats.txt
+++ b/Documentation/pretty-formats.txt
@@ -143,8 +143,8 @@ ifndef::git-rev-list[]
- '%N': commit notes
endif::git-rev-list[]
- '%GG': raw verification message from GPG for a signed commit
-- '%G?': show "G" for a Good signature, "B" for a Bad signature, "U" for a good,
- untrusted signature and "N" for no signature
+- '%G?': show "G" for a good (valid) signature, "B" for a bad signature,
+ "U" for a good signature with unknown validity and "N" for no signature
- '%GS': show the name of the signer for a signed commit
- '%GK': show the key used to sign a signed commit
- '%gD': reflog selector, e.g., `refs/stash@{1}`
--
2.1.4
next reply other threads:[~2016-05-12 6:50 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-05-12 6:50 Fox in the shell [this message]
2016-05-12 8:04 ` [PATCH] Documentation: clarify signature verification v2 Pranit Bauva
2016-05-12 8:08 ` Pranit Bauva
2016-05-12 16:38 ` Junio C Hamano
2016-05-12 17:32 ` Pranit Bauva
2016-05-13 9:37 ` KellerFuchs
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160512065022.GA32387@hashbang.sh \
--to=kellerfuchs@hashbang.sh \
--cc=git@drmicha.warpmail.net \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=sandals@crustytoothpaste.ath.cx \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.