From: Daniel Kahn Gillmor <dkg@fifthhorseman•net>
To: Junio C Hamano <gitster@pobox•com>
Cc: git@vger•kernel.org
Subject: Re: git tag -v should verify that the tag signer intended the same tag name as the user is verifying
Date: Tue, 26 Mar 2019 18:35:57 +0100 [thread overview]
Message-ID: <87ftr9h72a.fsf@fifthhorseman.net> (raw)
In-Reply-To: <xmqqh8brofid.fsf@gitster-ct.c.googlers.com>
[-- Attachment #1: Type: text/plain, Size: 1951 bytes --]
On Mon 2019-03-25 11:27:06 +0900, Junio C Hamano wrote:
> Daniel Kahn Gillmor <dkg@fifthhorseman•net> writes:
>
>> What do you think of my updated proposal for tag.verifyNameMatch ?
>
> Meh to slightly negative for hard-coding project-specific preference
> to the core tools. "We give you --format so go wild in your project
> to do verification your project likes." I think was the conclusion of
> the previous round of discussions, and I do not think we saw any new
> arguments in this round to rethink it in a different way.
Hm, maybe --format is all that's necessary to resolve the concerns about
errors affecting scenario (a) ? If that's the case, then maybe the path
forward is a warning on tagname mismatch (and maybe i can convince you
later than an actual error could be acceptable :P)
But I don't see how to use --format with "git tag -v" at all. Can you
show me what i'm doing wrong? git-tag(1) says that --format defaults to
'%(refname:strip=2)', but git tag -v behaves differently when i specify
that same default explicitly:
0 dkg@alice:~/src/pkg-gnupg/gnupg2$ git tag -v gnupg-2.2.13
object 7922e2dd1c7eee48a8a2cf4799827942489ddd0f
type commit
tag gnupg-2.2.13
tagger Werner Koch <wk@gnupg•org> 1549985965 +0100
You may want to watch the Ellsberg/Chomsky discussion
at <https://riseuptimes.org/2018/04/25/daniel-ellsberg-and-noam-chomsky-discuss-nuclear-war/>
or at <https://theintercept.com/chomsky-ellsberg/>
gpg: Signature made Tue 12 Feb 2019 04:41:32 PM CET
gpg: using RSA key D8692123C4065DEA5E0F3AB5249B39D24F25E3B6
gpg: Good signature from "Werner Koch (dist sig)" [full]
Primary key fingerprint: D869 2123 C406 5DEA 5E0F 3AB5 249B 39D2 4F25 E3B6
0 dkg@alice:~/src/pkg-gnupg/gnupg2$ git tag -v --format='%(refname:strip=2)' gnupg-2.2.13
0 dkg@alice:~/src/pkg-gnupg/gnupg2$
What am i missing?
--dkg
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 227 bytes --]
next prev parent reply other threads:[~2019-03-26 17:36 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-03-20 12:24 git tag -v should verify that the tag signer intended the same tag name as the user is verifying Daniel Kahn Gillmor
2019-03-20 14:20 ` Santiago Torres Arias
2019-03-20 22:00 ` Daniel Kahn Gillmor
2019-03-20 22:35 ` Ævar Arnfjörð Bjarmason
2019-03-22 4:00 ` Daniel Kahn Gillmor
2019-03-24 14:55 ` Ævar Arnfjörð Bjarmason
2019-03-21 1:21 ` Junio C Hamano
2019-03-21 1:31 ` Junio C Hamano
2019-03-21 11:43 ` Ævar Arnfjörð Bjarmason
2019-03-22 5:19 ` Daniel Kahn Gillmor
2019-03-24 12:26 ` Junio C Hamano
2019-03-24 15:07 ` Daniel Kahn Gillmor
2019-03-25 2:27 ` Junio C Hamano
2019-03-26 17:35 ` Daniel Kahn Gillmor [this message]
2019-03-26 18:40 ` Jeff King
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87ftr9h72a.fsf@fifthhorseman.net \
--to=dkg@fifthhorseman$(echo .)net \
--cc=git@vger$(echo .)kernel.org \
--cc=gitster@pobox$(echo .)com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox