On Wed, Mar 22, 2017 at 06:41:24PM -0400, Jeff King wrote: > > In that case, something like this would be closer to the desired > > behavior? > > Yes, though you can spell: > > cat >expect <<-\EOF > EOF > > as just: > > >expect
Ah, that sounds like a better way to fix this with a smaller diff.
>
> > I'm also unsure on what would be the right thing to put on the commit
> > message.
>
> I think the argument is:
>
> 1. It's safer not to expound on tags that have failed verification (so
> that the caller cannot accidentally use them). Especially since the
> --format cannot tell anything about the GPG status.
>
> That means that
>
> tag=$(git verify-tag --format='%(tag)' foo)
>
> can use a non-blank $tag without having to wonder whether it is
> valid or not.
>
> and
>
> 2. That's what we've done since the feature was released.
>
> The only thing that would give me pause is if were to later add
> %G-like formatters, and then:
>
> xargs git verify-tag --format='%(gpg:status) %(tag)' |
> while read status tag
> do
> ...
> done
>
> would become useful, but we'd be tied to the behavior that we omit the
> tag when the gpg verification failed (for backwards compatibility).
> OTOH, we could perhaps make the rule "ignored unless %(gpg) formatters
> are used". Which would be backwards-compatible and safe for old formats,
> and work correctly for new ones.
This sounds like a helpful addition to implement. We could update/add
tests for compliance on this once the feature is addded and fix the
ambiguous behavior in the tests now.
Thanks,
-Santiago.
---
diff --git a/t/t7004-tag.sh b/t/t7004-tag.sh
index b4698ab5f..0581053a0 100755
--- a/t/t7004-tag.sh
+++ b/t/t7004-tag.sh
@@ -896,17 +896,15 @@ test_expect_success GPG 'verifying a forged tag should
fail' '
'
test_expect_success 'verifying a proper tag with --format pass and format
accordingly' '
- cat >expect <<-\EOF
+ cat >expect <<-\EOF &&
tagname : signed-tag
- EOF &&
+ EOF
git tag -v --format="tagname : %(tag)" "signed-tag" >actual &&
test_cmp expect actual
'
-test_expect_success 'verifying a forged tag with --format fail and format
accordingly' '
- cat >expect <<-\EOF
- tagname : forged-tag
- EOF &&
+test_expect_success 'verifying a forged tag with --format should fail
silently' '
+ >expect &&
test_must_fail git tag -v --format="tagname : %(tag)" "forged-tag"
>actual &&
test_cmp expect actual
'
diff --git a/t/t7030-verify-tag.sh b/t/t7030-verify-tag.sh
index d62ccbb98..173a88e89 100755
--- a/t/t7030-verify-tag.sh
+++ b/t/t7030-verify-tag.sh
@@ -126,17 +126,15 @@ test_expect_success GPG 'verify multiple tags' '
'
test_expect_success 'verifying tag with --format' '
- cat >expect <<-\EOF
+ cat >expect <<-\EOF &&
tagname : fourth-signed
- EOF &&
+ EOF
git verify-tag --format="tagname : %(tag)" "fourth-signed" >actual &&
test_cmp expect actual
'
-test_expect_success 'verifying a forged tag with --format fail and format
accordingly' '
- cat >expect <<-\EOF
- tagname : 7th forged-signed
- EOF &&
+test_expect_success 'verifying a forged tag with --format should fail
silently' '
+ >expect &&
test_must_fail git verify-tag --format="tagname : %(tag)" $(cat
forged1.tag) >actual-forged &&
test_cmp expect actual-forged
'
signature.asc
Description: PGP signature
