Michael J Gruber <g...@drmicha.warpmail.net> writes: >> Then currently %G? results in `N', the same as an unsigned commit. >> >> In this case, could %G? please result in a new character? Perhaps `M' >> for "missing public key"? > > Yes, and no. > > Really, there are many different reasons why a signature couldn't be > checked, but gpg itself has these status results: > > "For each signature only one of the three codes GOODSIG, BADSIG or > ERRSIG will be emitted" (doc/DETAILS in gpg's source).
I see. It seems in GPG2 that got expanded to: "For each signature only one of the codes GOODSIG, BADSIG, EXPSIG, EXPKEYSIG, REVKEYSIG or ERRSIG will be emitted." I don't suppose it's worthwhile to support the others? I'm not sure how important the rest are. > ERRSIG comes with additional info (RC) that could be parsed for the reason. > > Also, in addition to that line, there can be other lines with additional > information. So there is a lot that could potentially be shown (and *is* > shown with %GG). In the GOODSIG case, we parse the TRUST info to take > the trust model into account (and return U for untrusted good). > > I wouldn't mind adding E to %G? in the ERRSIG case, even though one has > to look at %GG in any case (N or E) if one wants to have more details. That would be great. As long as %G? can tell between a signed but uncheckable commit and an unsigned commit, then it's good for me. > > Cheers, > Michael Thanks, Alex
