Mariusz Gronczewski <xani...@gmail.com> writes:

> What is really missing is an ability to display used key ID without
> hammering git log output with regexps, it would be much easier to
> validate incoming commits if there was format option to just display
> key ID instead of signer name. %GS isn't really good solution for that
> because it will show only one of email addresses used in the key and
> script checking signatures would have to always pick "right" one.

The %G<anything> pretty modifiers other than %GG were done mostly as
placeholders.

I think the following would be a good way to refine them:

    - %GG, and possibly "log --show-signature" should run GPG under
      the user's LANG.

    - %G? is mostly useless, unless it is made to always mean "does
      it verify crypto-wise" and nothing else.  One bit is simply
      too small to represent all the cases where you may or may not
      have the signer's key, or you may have the key but you do not
      have enough trust in it (e.g. the key may be expired, revoked,
      or not enough confidence in your web of trust).

    - The "right" one you mention for %GS is easier than you might
      think.  If you just verify against the accompanying "tagger"
      identity, that should be sufficient.  It of course cannot be
      generally solved, as you could tag as person A while signing
      with key for person B, but a simple social convention would
      help us out there: if you tag as Mariusz Gronczewski, your
      signature should also say so.
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Reply via email to