From: Junio C Hamano <email@example.com> To: Luke Shumaker <firstname.lastname@example.org> Cc: email@example.com, "Elijah Newren" <firstname.lastname@example.org>, "Jeff King" <email@example.com>, "Johannes Schindelin" <Johannes.Schindelin@gmx.de>, "Nguyễn Thái Ngọc Duy" <firstname.lastname@example.org>, "Taylor Blau" <email@example.com>, "brian m . carlson" <firstname.lastname@example.org>, "Eric Sunshine" <email@example.com>, "Luke Shumaker" <firstname.lastname@example.org> Subject: Re: [PATCH v3 2/3] fast-export: rename --signed-tags='warn' to 'warn-verbatim' Date: Fri, 30 Apr 2021 09:03:05 +0900 [thread overview] Message-ID: <email@example.com> (raw) In-Reply-To: <firstname.lastname@example.org> (Luke Shumaker's message of "Thu, 29 Apr 2021 13:02:28 -0600") Luke Shumaker <email@example.com> writes: > How about: > > | Specify how to handle signed tags. Since any transformation after the > | export (or during the export, such as excluding revisions) can change > | the hashes being signed, the signatures may not match. I find it a bit worrying that it is unclear what the signature may not match. Knowing Git, I know the answer is "contents that is signed", and I want to make sure it is clear for all readers. Would "may become invalid" be better? I dunno. > | When asking to 'abort' (which is the default), this program will die > | when encountering a signed tag. With 'strip', the tags will silently > | be made unsigned, with 'warn-strip' they will be made unsigned but a > | warning will be displayed, with 'verbatim', they will be silently > | exported and with 'warn-verbatim' (or 'warn', a deprecated synonym), > | they will be exported, but you will see a warning. 'verbatim' should > | not be used unless you know that no transformations affecting tags > | will be performed, or unless you do not care that the resulting tag > | will have an invalid signature. OK. As the current version of "fast-import" has no way to specify what is done to incoming signed tags, it may be the best we can do to discourage 'verbatim'. But if it learns "--signed-tags=<disposition>", I think the resulting ecosystem would become much better. In the ideal world, I would imagine that we want to encourage to always write out the original signatures to the export stream, let any intermediary filters process the stream, and at the very end stage at fast-import, have the --signed-commit/tag option to control what is done to such signatures. The set of plausible options are what you invented for the export side in this series, plus "if the signature still matches, keep it, otherwise strip with warning". If we want to get closer to such an ideal world (you can point out I am wrong and why such a world is not ideal, of course, though), we probably do not want to add "--signed-commit" to "fast-export", as it will have to get deprecated when the ideal world happens. Rather, the future would deprecate the existing "--signed-tags" option from "fast-export" instead.
next prev parent reply other threads:[~2021-04-30 0:03 UTC|newest] Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top 2021-04-22 0:27 [PATCH v2 0/3] fast-export, fast-import: implement signed-commits Luke Shumaker 2021-04-22 0:27 ` [PATCH v2 1/3] git-fast-import.txt: add missing LF in the BNF Luke Shumaker 2021-04-22 0:27 ` [PATCH v2 2/3] fast-export: rename --signed-tags='warn' to 'warn-verbatim' Luke Shumaker 2021-04-22 3:59 ` Eric Sunshine 2021-04-22 4:43 ` Luke Shumaker 2021-04-22 4:50 ` Luke Shumaker 2021-04-22 0:27 ` [PATCH v2 3/3] fast-export, fast-import: implement signed-commits Luke Shumaker 2021-04-23 16:41 ` [PATCH v3 0/3] " Luke Shumaker 2021-04-23 16:41 ` [PATCH v3 1/3] git-fast-import.txt: add missing LF in the BNF Luke Shumaker 2021-04-23 16:41 ` [PATCH v3 2/3] fast-export: rename --signed-tags='warn' to 'warn-verbatim' Luke Shumaker 2021-04-28 3:29 ` Junio C Hamano 2021-04-29 19:02 ` Luke Shumaker 2021-04-30 0:03 ` Junio C Hamano [this message] 2021-04-23 16:41 ` [PATCH v3 3/3] fast-export, fast-import: implement signed-commits Luke Shumaker 2021-04-28 4:02 ` Junio C Hamano 2021-04-29 20:06 ` Luke Shumaker 2021-04-29 22:38 ` Elijah Newren 2021-04-29 23:42 ` Junio C Hamano 2021-04-30 2:23 ` Elijah Newren 2021-04-30 3:20 ` Junio C Hamano 2021-04-30 17:07 ` Luke Shumaker 2021-04-30 19:34 ` Luke Shumaker 2021-04-30 19:59 ` Elijah Newren 2021-04-30 22:21 ` Luke Shumaker 2021-04-30 23:25 ` [PATCH v4 0/5] fast-export, fast-import: add support for signed-commits Luke Shumaker 2021-04-30 23:25 ` [PATCH v4 1/5] git-fast-import.txt: add missing LF in the BNF Luke Shumaker 2021-04-30 23:25 ` [PATCH v4 2/5] fast-export: rename --signed-tags='warn' to 'warn-verbatim' Luke Shumaker 2021-04-30 23:25 ` [PATCH v4 3/5] git-fast-export.txt: clarify why 'verbatim' may not be a good idea Luke Shumaker 2021-04-30 23:25 ` [PATCH v4 4/5] fast-export: do not modify memory from get_commit_buffer Luke Shumaker 2021-05-03 4:41 ` Junio C Hamano 2021-04-30 23:25 ` [PATCH v4 5/5] fast-export, fast-import: add support for signed-commits Luke Shumaker 2021-05-03 5:09 ` Junio C Hamano
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style List information: http://vger.kernel.org/majordomo-info.html * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --firstname.lastname@example.org \ --email@example.com \ --cc=Johannes.Schindelin@gmx.de \ --firstname.lastname@example.org \ --email@example.com \ --firstname.lastname@example.org \ --email@example.com \ --firstname.lastname@example.org \ --email@example.com \ --firstname.lastname@example.org \ --email@example.com \ --firstname.lastname@example.org \ --subject='Re: [PATCH v3 2/3] fast-export: rename --signed-tags='\''warn'\'' to '\''warn-verbatim'\''' \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: link
Code repositories for project(s) associated with this inbox: https://80x24.org/mirrors/git.git This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).