delta/git.git, branch jc/signed-commit github.com: git/git.git gpg-interface: allow use of a custom GPG binary 2011-11-29T20:30:02+00:00 Junio C Hamano gitster@pobox.com 2011-11-29T20:29:48+00:00 0c5e70f041bfda8b3899d13694a9093b41fafa19 Signed-off-by: Junio C Hamano <gitster@pobox.com> 
Signed-off-by: Junio C Hamano <gitster@pobox.com>
pretty: %G[?GS] placeholders 2011-11-13T06:27:38+00:00 Junio C Hamano gitster@pobox.com 2011-10-22T04:06:02+00:00 f6667c5ee8148af28cc97049695f60f5105b3061 Add new placeholders related to the GPG signature on signed commits. - %GG to show the raw verification message from GPG; - %G? to show either "G" for Good, "B" for Bad; - %GS to show the name of the signer. Signed-off-by: Junio C Hamano <gitster@pobox.com> 
Add new placeholders related to the GPG signature on signed commits.

 - %GG to show the raw verification message from GPG;
 - %G? to show either "G" for Good, "B" for Bad;
 - %GS to show the name of the signer.

Signed-off-by: Junio C Hamano <gitster@pobox.com>
test "commit -S" and "log --show-signature" 2011-11-13T06:27:38+00:00 Junio C Hamano gitster@pobox.com 2011-10-20T00:15:05+00:00 247503f28fe25e400df6542cf72ade7c5b6cfacf Signed-off-by: Junio C Hamano <gitster@pobox.com> 
Signed-off-by: Junio C Hamano <gitster@pobox.com>
log: --show-signature 2011-11-13T06:27:38+00:00 Junio C Hamano gitster@pobox.com 2011-10-18T22:53:23+00:00 0c37f1fce6cb7997dbb2703d35eef0dfd86c5070 This teaches the "log" family of commands to pass the GPG signature in the commit objects to "gpg --verify" via the verify_signed_buffer() interface used to verify signed tag objects. E.g. $ git show --show-signature -s HEAD shows GPG output in the header part of the output. Signed-off-by: Junio C Hamano <gitster@pobox.com> 
This teaches the "log" family of commands to pass the GPG signature in the
commit objects to "gpg --verify" via the verify_signed_buffer() interface
used to verify signed tag objects. E.g.

    $ git show --show-signature -s HEAD

shows GPG output in the header part of the output.

Signed-off-by: Junio C Hamano <gitster@pobox.com>
commit: teach --gpg-sign option 2011-11-13T06:27:37+00:00 Junio C Hamano gitster@pobox.com 2011-10-06T00:23:20+00:00 ba3c69a9ee1894de397b60d3b548383e13ef49e3 This uses the gpg-interface.[ch] to allow signing the commit, i.e. $ git commit --gpg-sign -m foo You need a passphrase to unlock the secret key for user: "Junio C Hamano <gitster@pobox.com>" 4096-bit RSA key, ID 96AFE6CB, created 2011-10-03 (main key ID 713660A7) [master 8457d13] foo 1 files changed, 1 insertions(+), 0 deletions(-) The lines of GPG detached signature are placed in a new multi-line header field, instead of tucking the signature block at the end of the commit log message text (similar to how signed tag is done), for multiple reasons: - The signature won't clutter output from "git log" and friends if it is in the extra header. If we place it at the end of the log message, we would need to teach "git log" and friends to strip the signature block with an option. - Teaching new versions of "git log" and "gitk" to optionally verify and show signatures is cleaner if we structurally know where the signature block is (instead of scanning in the commit log message). - The signature needs to be stripped upon various commit rewriting operations, e.g. rebase, filter-branch, etc. They all already ignore unknown headers, but if we place signature in the log message, all of these tools (and third-party tools) also need to learn how a signature block would look like. - When we added the optional encoding header, all the tools (both in tree and third-party) that acts on the raw commit object should have been fixed to ignore headers they do not understand, so it is not like that new header would be more likely to break than extra text in the commit. A commit made with the above sample sequence would look like this: $ git cat-file commit HEAD tree 3cd71d90e3db4136e5260ab54599791c4f883b9d parent b87755351a47b09cb27d6913e6e0e17e6254a4d4 author Junio C Hamano <gitster@pobox.com> 1317862251 -0700 committer Junio C Hamano <gitster@pobox.com> 1317862251 -0700 gpgsig -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQIcBAABAgAGBQJOjPtrAAoJELC16IaWr+bL4TMP/RSe2Y/jYnCkds9unO5JEnfG ... =dt98 -----END PGP SIGNATURE----- foo but "git log" (unless you ask for it with --pretty=raw) output is not cluttered with the signature information. Signed-off-by: Junio C Hamano <gitster@pobox.com> 
This uses the gpg-interface.[ch] to allow signing the commit, i.e.

    $ git commit --gpg-sign -m foo
    You need a passphrase to unlock the secret key for
    user: "Junio C Hamano <gitster@pobox.com>"
    4096-bit RSA key, ID 96AFE6CB, created 2011-10-03 (main key ID 713660A7)

    [master 8457d13] foo
     1 files changed, 1 insertions(+), 0 deletions(-)

The lines of GPG detached signature are placed in a new multi-line header
field, instead of tucking the signature block at the end of the commit log
message text (similar to how signed tag is done), for multiple reasons:

 - The signature won't clutter output from "git log" and friends if it is
   in the extra header. If we place it at the end of the log message, we
   would need to teach "git log" and friends to strip the signature block
   with an option.

 - Teaching new versions of "git log" and "gitk" to optionally verify and
   show signatures is cleaner if we structurally know where the signature
   block is (instead of scanning in the commit log message).

 - The signature needs to be stripped upon various commit rewriting
   operations, e.g. rebase, filter-branch, etc. They all already ignore
   unknown headers, but if we place signature in the log message, all of
   these tools (and third-party tools) also need to learn how a signature
   block would look like.

 - When we added the optional encoding header, all the tools (both in tree
   and third-party) that acts on the raw commit object should have been
   fixed to ignore headers they do not understand, so it is not like that
   new header would be more likely to break than extra text in the commit.

A commit made with the above sample sequence would look like this:

    $ git cat-file commit HEAD
    tree 3cd71d90e3db4136e5260ab54599791c4f883b9d
    parent b87755351a47b09cb27d6913e6e0e17e6254a4d4
    author Junio C Hamano <gitster@pobox.com> 1317862251 -0700
    committer Junio C Hamano <gitster@pobox.com> 1317862251 -0700
    gpgsig -----BEGIN PGP SIGNATURE-----
     Version: GnuPG v1.4.10 (GNU/Linux)

     iQIcBAABAgAGBQJOjPtrAAoJELC16IaWr+bL4TMP/RSe2Y/jYnCkds9unO5JEnfG
     ...
     =dt98
     -----END PGP SIGNATURE-----

    foo

but "git log" (unless you ask for it with --pretty=raw) output is not
cluttered with the signature information.

Signed-off-by: Junio C Hamano <gitster@pobox.com>
commit-tree: teach -m/-F options to read logs from elsewhere 2011-11-13T06:25:07+00:00 Junio C Hamano gitster@pobox.com 2011-11-09T19:54:04+00:00 96b8d93a539f3a9f43f0fc38214db8753cac3c2e Just like "git commit" does. Signed-off-by: Junio C Hamano <gitster@pobox.com> 
Just like "git commit" does.

Signed-off-by: Junio C Hamano <gitster@pobox.com>
commit-tree: update the command line parsing 2011-11-10T06:27:17+00:00 Junio C Hamano gitster@pobox.com 2011-11-09T19:33:55+00:00 79a9312cc99f9c2f2949e1211c708896e6037f64 We have kept the original "git commit-tree <tree> -p <parent> ..." syntax forever, but "git commit-tree -p <parent> -p <parent> ... <tree>" would be more intuitive way to spell it. Dashed flags along with their arguments come first and then the "thing" argument after the flags. Signed-off-by: Junio C Hamano <gitster@pobox.com> 
We have kept the original "git commit-tree <tree> -p <parent> ..." syntax
forever, but "git commit-tree -p <parent> -p <parent> ... <tree>" would be
more intuitive way to spell it. Dashed flags along with their arguments
come first and then the "thing" argument after the flags.

Signed-off-by: Junio C Hamano <gitster@pobox.com>
commit: teach --amend to carry forward extra headers 2011-11-10T06:27:11+00:00 Junio C Hamano gitster@pobox.com 2011-11-08T23:38:07+00:00 ed7a42a0752fd71cf04273b8e691966dd2c33ebe After running "git pull $there for-linus" to merge a signed tag, the integrator may need to amend the resulting merge commit to fix typoes in it. Teach --amend option to read the existing extra headers, and carry them forward. Signed-off-by: Junio C Hamano <gitster@pobox.com> 
After running "git pull $there for-linus" to merge a signed tag, the
integrator may need to amend the resulting merge commit to fix typoes
in it. Teach --amend option to read the existing extra headers, and
carry them forward.

Signed-off-by: Junio C Hamano <gitster@pobox.com>
merge: force edit and no-ff mode when merging a tag object 2011-11-09T18:29:42+00:00 Junio C Hamano gitster@pobox.com 2011-11-08T00:29:34+00:00 fab47d057559301c74d6642576694fd251a3fd11 Now that we allow pulling a tag from the remote site to validate the authenticity, we should give the user the final chance to verify and edit the merge message. The integrator is expected to leave a meaningful merge commit log in the history. Disallow fast-forwarding in such a case to ensure that a merge commit is always recorded. Signed-off-by: Junio C Hamano <gitster@pobox.com> 
Now that we allow pulling a tag from the remote site to validate the
authenticity, we should give the user the final chance to verify and edit
the merge message. The integrator is expected to leave a meaningful merge
commit log in the history. Disallow fast-forwarding in such a case to
ensure that a merge commit is always recorded.

Signed-off-by: Junio C Hamano <gitster@pobox.com>
commit: copy merged signed tags to headers of merge commit 2011-11-09T18:28:04+00:00 Junio C Hamano gitster@pobox.com 2011-11-08T00:21:32+00:00 5231c633f2e54723d53a8cd928d9bc98b39dc35f Now MERGE_HEAD records the tag objects without peeling, we could record the result of manual conflict resolution via "git commit" without losing the tag information. Introduce a new "mergetag" multi-line header field to the commit object, and use it to store the entire contents of each signed tag merged. A commit header that has a multi-line payload begins with the header tag (e.g. "mergetag" in this case), SP, the first line of payload, LF, and all the remaining lines have a SP inserted at the beginning. In hindsight, it would have been better to make "merge --continue" as the way to continue from such an interrupted merge, not "commit", but this is a backward compatibility baggage we would need to carry around for now. Signed-off-by: Junio C Hamano <gitster@pobox.com> 
Now MERGE_HEAD records the tag objects without peeling, we could record
the result of manual conflict resolution via "git commit" without losing
the tag information. Introduce a new "mergetag" multi-line header field to
the commit object, and use it to store the entire contents of each signed
tag merged.

A commit header that has a multi-line payload begins with the header tag
(e.g. "mergetag" in this case), SP, the first line of payload, LF, and all
the remaining lines have a SP inserted at the beginning.

In hindsight, it would have been better to make "merge --continue" as the
way to continue from such an interrupted merge, not "commit", but this is
a backward compatibility baggage we would need to carry around for now.

Signed-off-by: Junio C Hamano <gitster@pobox.com>