Jeff King <> writes:

> I wonder if it would be sane to remove or quote NULs when attaching the
> buffer to commit->buffer. That would _break_ signatures, but that is a
> good thing. I do not think there is a reason to have NULs in your commit
> message unless you are doing something malicious (or using utf16, but
> that already is horribly broken).

Ahh, our messages crossed.  I do not think we are quite ready to
depart from our traditional position: the payload of a commit object
can be any bytestream, even though we do expect and encourage them
to be human readable text in a reasonable encoding.  And there is no
fundamental reason why we should forbid signing the payload that
happens to be a structured binary blob.

The user may need some way other than "log --show-signature" that
can be used to validate, because "log" itself will be useless for
such a payload with or without signature.  But I think that may be
a more or less orthogonal issue.

To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to
More majordomo info at

Reply via email to