From: Junio C Hamano <gitster@pobox.com>
To: Luke Shumaker <lukeshu@lukeshu.com>
Cc: git@vger.kernel.org, "Elijah Newren" <newren@gmail.com>,
"Jeff King" <peff@peff.net>,
"Johannes Schindelin" <Johannes.Schindelin@gmx.de>,
"Nguyễn Thái Ngọc Duy" <pclouds@gmail.com>,
"Taylor Blau" <me@ttaylorr.com>,
"brian m . carlson" <sandals@crustytoothpaste.net>,
"Eric Sunshine" <sunshine@sunshineco.com>,
"Luke Shumaker" <lukeshu@datawire.io>
Subject: Re: [PATCH v4 5/5] fast-export, fast-import: add support for signed-commits
Date: Mon, 03 May 2021 14:09:12 +0900 [thread overview]
Message-ID: <xmqq1rao9zev.fsf@gitster.g> (raw)
In-Reply-To: <20210430232537.1131641-6-lukeshu@lukeshu.com> (Luke Shumaker's message of "Fri, 30 Apr 2021 17:25:37 -0600")
Luke Shumaker <lukeshu@lukeshu.com> writes:
> From: Luke Shumaker <lukeshu@datawire.io>
>
> fast-export has a --signed-tags= option that controls how to handle tag
> signatures. However, there is no equivalent for commit signatures; it
> just silently strips the signature out of the commit (analogously to
> --signed-tags=strip).
>
> While signatures are generally problematic for fast-export/fast-import
> (because hashes are likely to change), if they're going to support tag
> signatures, there's no reason to not also support commit signatures.
>
> So, implement a --signed-commits= option that mirrors the --signed-tags=
> option.
>
> On the fast-export side, try to be as much like signed-tags as possible,
> in both implementation and in user-interface. This will changes the
s/changes/change/;
> default behavior to '--signed-commits=abort' from what is now
> '--signed-commits=strip'. In order to provide an escape hatch for users
> of third-party tools that call fast-export and do not yet know of the
> --signed-commits= option, add an environment variable
> 'FAST_EXPORT_SIGNED_COMMITS_NOABORT=1' that changes the default to
> '--signed-commits=warn-strip'.
Nicely explained.
> +static const char *find_commit_multiline_header(const char *msg,
> + const char *key,
> + const char **end)
> +{
> + static struct strbuf val = STRBUF_INIT;
> + const char *bol, *eol;
> + size_t len;
> +
> + strbuf_reset(&val);
> +
> + bol = find_commit_header(msg, key, &len);
> + if (!bol)
> + return NULL;
> + eol = bol + len;
> + strbuf_add(&val, bol, len);
> +
> + while (eol[0] == '\n' && eol[1] == ' ') {
> + bol = eol + 2;
> + eol = strchrnul(bol, '\n');
> + strbuf_addch(&val, '\n');
> + strbuf_add(&val, bol, eol - bol);
> + }
> +
> + *end = eol;
> + return val.buf;
It is not exactly wrong per se, but using non-static (on stack)
strbuf would make it easier to follow. You can then lose the
strbuf_reset() upfront, and then this will call strbuf_detach().
> diff --git a/t/t9350-fast-export.sh b/t/t9350-fast-export.sh
> index 892737439b..cd51c78418 100755
> --- a/t/t9350-fast-export.sh
> +++ b/t/t9350-fast-export.sh
> @@ -8,6 +8,7 @@ GIT_TEST_DEFAULT_INITIAL_BRANCH_NAME=main
> export GIT_TEST_DEFAULT_INITIAL_BRANCH_NAME
>
> . ./test-lib.sh
> +. "$TEST_DIRECTORY/lib-gpg.sh"
>
> test_expect_success 'setup' '
>
> @@ -284,9 +285,94 @@ test_expect_success 'signed-tags=warn-strip' '
> test -s err
> '
>
> +test_expect_success GPG 'set up signed commit' '
> +
> + # Generate a commit with both "gpgsig" and "encoding" set, so
> + # that we can test that fast-import gets the ordering correct
> + # between the two.
> + test_config i18n.commitEncoding ISO-8859-1 &&
> + git checkout -f -b commit-signing main &&
> + echo Sign your name > file-sign &&
Style. >file-sign (lose SP between the redirection operator and its
operand).
> + git add file-sign &&
> + git commit -S -m "signed commit" &&
> + COMMIT_SIGNING=$(git rev-parse --verify commit-signing)
> +
> +'
> +
> +test_expect_success GPG 'signed-commits default' '
> +
> + unset FAST_EXPORT_SIGNED_COMMITS_NOABORT &&
sane_unset would be safer here.
> + test_must_fail git fast-export --reencode=no commit-signing &&
> +
> + FAST_EXPORT_SIGNED_COMMITS_NOABORT=1 git fast-export --reencode=no commit-signing >output 2>err &&
> + ! grep ^gpgsig output &&
> + grep "^encoding ISO-8859-1" output &&
> + test -s err &&
> + sed "s/commit-signing/commit-strip-signing/" output |
> + (cd new &&
> + git fast-import &&
> + test $COMMIT_SIGNING != $(git rev-parse --verify refs/heads/commit-strip-signing))
Let's not force readers to match nested parentheses visually
(applies to multiple places in this patch):
sed "s/commit-signing/commit-strip-signing/" output | (
cd new &&
git fast-import &&
STRIPPED=$(git rev-parse --verify refs/heads/commit-strip-signing) &&
test $COMMIT_SIGNING != $STRIPPED
)
> test_expect_success 'setup submodule' '
>
> git checkout -f main &&
> + { git update-ref -d refs/heads/commit-signing || true; } &&
test_might_fail git update-ref -d refs/heads/commit-signing &&
next prev parent reply other threads:[~2021-05-03 5:09 UTC|newest]
Thread overview: 60+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-04-22 0:27 [PATCH v2 0/3] fast-export, fast-import: implement signed-commits Luke Shumaker
2021-04-22 0:27 ` [PATCH v2 1/3] git-fast-import.txt: add missing LF in the BNF Luke Shumaker
2021-04-22 0:27 ` [PATCH v2 2/3] fast-export: rename --signed-tags='warn' to 'warn-verbatim' Luke Shumaker
2021-04-22 3:59 ` Eric Sunshine
2021-04-22 4:43 ` Luke Shumaker
2021-04-22 4:50 ` Luke Shumaker
2021-04-22 0:27 ` [PATCH v2 3/3] fast-export, fast-import: implement signed-commits Luke Shumaker
2021-04-23 16:41 ` [PATCH v3 0/3] " Luke Shumaker
2021-04-23 16:41 ` [PATCH v3 1/3] git-fast-import.txt: add missing LF in the BNF Luke Shumaker
2021-04-23 16:41 ` [PATCH v3 2/3] fast-export: rename --signed-tags='warn' to 'warn-verbatim' Luke Shumaker
2021-04-28 3:29 ` Junio C Hamano
2021-04-29 19:02 ` Luke Shumaker
2021-04-30 0:03 ` Junio C Hamano
2021-04-23 16:41 ` [PATCH v3 3/3] fast-export, fast-import: implement signed-commits Luke Shumaker
2021-04-28 4:02 ` Junio C Hamano
2021-04-29 20:06 ` Luke Shumaker
2021-04-29 22:38 ` Elijah Newren
2021-04-29 23:42 ` Junio C Hamano
2021-04-30 2:23 ` Elijah Newren
2021-04-30 3:20 ` Junio C Hamano
2021-04-30 17:07 ` Luke Shumaker
2021-04-30 19:34 ` Luke Shumaker
2021-04-30 19:59 ` Elijah Newren
2021-04-30 22:21 ` Luke Shumaker
2021-04-30 23:25 ` [PATCH v4 0/5] fast-export, fast-import: add support for signed-commits Luke Shumaker
2021-04-30 23:25 ` [PATCH v4 1/5] git-fast-import.txt: add missing LF in the BNF Luke Shumaker
2021-04-30 23:25 ` [PATCH v4 2/5] fast-export: rename --signed-tags='warn' to 'warn-verbatim' Luke Shumaker
2021-04-30 23:25 ` [PATCH v4 3/5] git-fast-export.txt: clarify why 'verbatim' may not be a good idea Luke Shumaker
2021-04-30 23:25 ` [PATCH v4 4/5] fast-export: do not modify memory from get_commit_buffer Luke Shumaker
2021-05-03 4:41 ` Junio C Hamano
2021-04-30 23:25 ` [PATCH v4 5/5] fast-export, fast-import: add support for signed-commits Luke Shumaker
2021-05-03 5:09 ` Junio C Hamano [this message]
2025-02-24 14:27 ` [PATCH v5 0/6] " Christian Couder
2025-02-24 14:27 ` [PATCH v5 1/6] git-fast-import.adoc: add missing LF in the BNF Christian Couder
2025-02-24 14:27 ` [PATCH v5 2/6] fast-export: fix missing whitespace after switch Christian Couder
2025-02-24 14:27 ` [PATCH v5 3/6] fast-export: rename --signed-tags='warn' to 'warn-verbatim' Christian Couder
2025-02-24 14:27 ` [PATCH v5 4/6] git-fast-export.txt: clarify why 'verbatim' may not be a good idea Christian Couder
2025-02-24 19:26 ` Elijah Newren
2025-03-10 15:58 ` Christian Couder
2025-02-24 14:27 ` [PATCH v5 5/6] fast-export: do not modify memory from get_commit_buffer Christian Couder
2025-02-24 14:27 ` [PATCH v5 6/6] fast-export, fast-import: add support for signed-commits Christian Couder
2025-02-25 7:35 ` Elijah Newren
2025-02-25 16:25 ` Junio C Hamano
2025-03-10 15:58 ` Christian Couder
2025-02-24 17:01 ` [PATCH v5 0/6] " Junio C Hamano
2025-02-25 7:35 ` Elijah Newren
2025-02-25 7:51 ` Patrick Steinhardt
2025-02-25 16:48 ` Elijah Newren
2025-02-25 16:56 ` Junio C Hamano
2025-03-10 15:59 ` Christian Couder
2025-02-25 14:53 ` Phillip Wood
2025-03-10 15:59 ` Christian Couder
2025-03-10 15:57 ` [PATCH v6 " Christian Couder
2025-03-10 15:57 ` [PATCH v6 1/6] git-fast-import.adoc: add missing LF in the BNF Christian Couder
2025-03-10 15:57 ` [PATCH v6 2/6] fast-export: fix missing whitespace after switch Christian Couder
2025-03-10 15:57 ` [PATCH v6 3/6] fast-export: rename --signed-tags='warn' to 'warn-verbatim' Christian Couder
2025-03-10 15:57 ` [PATCH v6 4/6] git-fast-export.adoc: clarify why 'verbatim' may not be a good idea Christian Couder
2025-03-10 15:57 ` [PATCH v6 5/6] fast-export: do not modify memory from get_commit_buffer Christian Couder
2025-03-10 15:57 ` [PATCH v6 6/6] fast-export, fast-import: add support for signed-commits Christian Couder
2025-03-10 22:36 ` [PATCH v6 0/6] " Elijah Newren
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=xmqq1rao9zev.fsf@gitster.g \
--to=gitster@pobox.com \
--cc=Johannes.Schindelin@gmx.de \
--cc=git@vger.kernel.org \
--cc=lukeshu@datawire.io \
--cc=lukeshu@lukeshu.com \
--cc=me@ttaylorr.com \
--cc=newren@gmail.com \
--cc=pclouds@gmail.com \
--cc=peff@peff.net \
--cc=sandals@crustytoothpaste.net \
--cc=sunshine@sunshineco.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.