On Fri, May 30, 2014 at 01:07:16PM -0700, Eddie Monge wrote:

> Git stash is prompting for passphrase to try to "sign" the changes
> being stashed.
> Reproduce:
> Add to global gitconfig with signing key:
> ```
> [commit]
>   gpgsign = true
> ```
> Go to a repo, make some changes, and then run `git stash`
> Expected: stash the changes as normal
> Actual: git prompts for passphrase (if set)

Well, yeah...stash is making a commit (two, actually), so it wants you
to sign it. :)

I suspect that using "git notes" has a similar problem. I can see an
argument for not signing stashes, as they are meant to be temporary and
not shared. I do think notes probably should be signed.

However, I wonder if it is really ever going to be sane to set
commit.gpgsign and not use something like gpg-agent. For example, if you
were to ever "git rebase" a patch series (or even just use "git rebase
-i" to refactor commits), you would be prompted for your passphrase to
sign each individual patch.

To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Reply via email to