santi...@nyu.edu writes:

> From: Santiago Torres <santi...@nyu.edu>
>
> Callers of verify-tag may want to cross-check the tagname from refs/tags
> with the tagname from the tag object header upon GPG verification. This
> is to avoid tag refs that point to an incorrect object.
>
> Add a --format parameter to git verify-tag to print the formatted tag
> object header in addition to or instead of the --verbose or --raw GPG
> verification output.
>
> Signed-off-by: Santiago Torres <santi...@nyu.edu>
> ---
>  builtin/verify-tag.c | 13 +++++++++++--
>  1 file changed, 11 insertions(+), 2 deletions(-)
>
> diff --git a/builtin/verify-tag.c b/builtin/verify-tag.c
> index 7a1121b..319d469 100644
> --- a/builtin/verify-tag.c
> +++ b/builtin/verify-tag.c
> @@ -12,12 +12,15 @@
>  #include <signal.h>
>  #include "parse-options.h"
>  #include "gpg-interface.h"
> +#include "ref-filter.h"
>  
>  static const char * const verify_tag_usage[] = {
> -             N_("git verify-tag [-v | --verbose] <tag>..."),
> +             N_("git verify-tag [-v | --verbose] [--format=<format>] 
> <tag>..."),
>               NULL
>  };
>  
> +char *fmt_pretty;

Does this have to be extern?  I do not think so; prepend "static "
in front of it.

>       while (i < argc) {
>               unsigned char sha1[20];
>               const char *name = argv[i++];
>               if (get_sha1(name, sha1))
>                       had_error = !!error("tag '%s' not found.", name);
>               else {
> -                     if (verify_and_format_tag(sha1, name, NULL, flags))
> +                     if (verify_and_format_tag(sha1, name, fmt_pretty, 
> flags))

OK.  The callchain from here is

    verify_and_format_tag()
    -> run_gpg_verify()
      -> print_signature_buffer()

so not cramming QUIET into the flags parameter that is already
passed is cumbersome.  As I said in my earlier review, it would make
more sense to have the conditional NOT in print_signature_buffer()
but in its caller, but it still is OK to add GPG_VERIFY_QUIET bit
to the flag, which you would check in run_gpg_verify() to decide not
to call print_signature_buffer().

Reply via email to