From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: Junio C Hamano <gitster@pobox.com>
Cc: git@vger.kernel.org
Subject: Re: git tag -v should verify that the tag signer intended the same tag name as the user is verifying
Date: Tue, 26 Mar 2019 18:35:57 +0100 [thread overview]
Message-ID: <87ftr9h72a.fsf@fifthhorseman.net> (raw)
In-Reply-To: <xmqqh8brofid.fsf@gitster-ct.c.googlers.com>
[-- Attachment #1: Type: text/plain, Size: 1951 bytes --]
On Mon 2019-03-25 11:27:06 +0900, Junio C Hamano wrote:
> Daniel Kahn Gillmor <dkg@fifthhorseman.net> writes:
>
>> What do you think of my updated proposal for tag.verifyNameMatch ?
>
> Meh to slightly negative for hard-coding project-specific preference
> to the core tools. "We give you --format so go wild in your project
> to do verification your project likes." I think was the conclusion of
> the previous round of discussions, and I do not think we saw any new
> arguments in this round to rethink it in a different way.
Hm, maybe --format is all that's necessary to resolve the concerns about
errors affecting scenario (a) ? If that's the case, then maybe the path
forward is a warning on tagname mismatch (and maybe i can convince you
later than an actual error could be acceptable :P)
But I don't see how to use --format with "git tag -v" at all. Can you
show me what i'm doing wrong? git-tag(1) says that --format defaults to
'%(refname:strip=2)', but git tag -v behaves differently when i specify
that same default explicitly:
0 dkg@alice:~/src/pkg-gnupg/gnupg2$ git tag -v gnupg-2.2.13
object 7922e2dd1c7eee48a8a2cf4799827942489ddd0f
type commit
tag gnupg-2.2.13
tagger Werner Koch <wk@gnupg.org> 1549985965 +0100
You may want to watch the Ellsberg/Chomsky discussion
at <https://riseuptimes.org/2018/04/25/daniel-ellsberg-and-noam-chomsky-discuss-nuclear-war/>
or at <https://theintercept.com/chomsky-ellsberg/>
gpg: Signature made Tue 12 Feb 2019 04:41:32 PM CET
gpg: using RSA key D8692123C4065DEA5E0F3AB5249B39D24F25E3B6
gpg: Good signature from "Werner Koch (dist sig)" [full]
Primary key fingerprint: D869 2123 C406 5DEA 5E0F 3AB5 249B 39D2 4F25 E3B6
0 dkg@alice:~/src/pkg-gnupg/gnupg2$ git tag -v --format='%(refname:strip=2)' gnupg-2.2.13
0 dkg@alice:~/src/pkg-gnupg/gnupg2$
What am i missing?
--dkg
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 227 bytes --]
next prev parent reply other threads:[~2019-03-26 17:36 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-03-20 12:24 git tag -v should verify that the tag signer intended the same tag name as the user is verifying Daniel Kahn Gillmor
2019-03-20 14:20 ` Santiago Torres Arias
2019-03-20 22:00 ` Daniel Kahn Gillmor
2019-03-20 22:35 ` Ævar Arnfjörð Bjarmason
2019-03-22 4:00 ` Daniel Kahn Gillmor
2019-03-24 14:55 ` Ævar Arnfjörð Bjarmason
2019-03-21 1:21 ` Junio C Hamano
2019-03-21 1:31 ` Junio C Hamano
2019-03-21 11:43 ` Ævar Arnfjörð Bjarmason
2019-03-22 5:19 ` Daniel Kahn Gillmor
2019-03-24 12:26 ` Junio C Hamano
2019-03-24 15:07 ` Daniel Kahn Gillmor
2019-03-25 2:27 ` Junio C Hamano
2019-03-26 17:35 ` Daniel Kahn Gillmor [this message]
2019-03-26 18:40 ` Jeff King
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87ftr9h72a.fsf@fifthhorseman.net \
--to=dkg@fifthhorseman.net \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.