Junio C Hamano venit, vidit, dixit 08.06.2016 20:43:
> Santiago Torres writes:
>
>> Sorry I'm trying to follow this. Would it be best to then have
>>
>> verify-tag [--check-name=tagname] (tag-ref|tag-name|sha1)?
>>
>> and
>>
>> tag -v [--check-name] (tag-name)
>>
>> Or
Santiago Torres writes:
> Sorry I'm trying to follow this. Would it be best to then have
>
> verify-tag [--check-name=tagname] (tag-ref|tag-name|sha1)?
>
> and
>
> tag -v [--check-name] (tag-name)
>
> Or would --format still work better?
No matter what you do, don't
On Tue, Jun 07, 2016 at 03:35:07PM -0700, Junio C Hamano wrote:
> On Tue, Jun 7, 2016 at 3:29 PM, Jeff King wrote:
> > or even:
> >
> > git tag --show-tag-name foo/v1.0
> >
> > when refs/remotes/foo/v1.0 exists?
> >
> > The rule right now is generally that "git tag" takes actual
On Tue, Jun 7, 2016 at 3:29 PM, Jeff King wrote:
> or even:
>
> git tag --show-tag-name foo/v1.0
>
> when refs/remotes/foo/v1.0 exists?
>
> The rule right now is generally that "git tag" takes actual tag names.
Ahh, I forgot about that. Yes, indeed the command does not work
like
On Tue, Jun 07, 2016 at 03:21:48PM -0700, Junio C Hamano wrote:
> Jeff King writes:
>
> > If you are suggesting that you can do the whole thing today by parsing
> > the tag object yourself, then sure, I agree. I thought the point of the
> > exercise was to make that less painful
Jeff King writes:
> If you are suggesting that you can do the whole thing today by parsing
> the tag object yourself, then sure, I agree. I thought the point of the
> exercise was to make that less painful for the callers.
Yes, and I somehow thought everybody agreed that
On Tue, Jun 07, 2016 at 06:13:25PM -0400, Jeff King wrote:
> On Tue, Jun 07, 2016 at 03:11:47PM -0700, Junio C Hamano wrote:
>
> > On Tue, Jun 7, 2016 at 3:07 PM, Jeff King wrote:
> > >>
> > >> Puzzled. I didn't even use --format=%(tagname) in the above.
> > >
> > > No, but you
On Tue, Jun 07, 2016 at 03:11:47PM -0700, Junio C Hamano wrote:
> On Tue, Jun 7, 2016 at 3:07 PM, Jeff King wrote:
> >>
> >> Puzzled. I didn't even use --format=%(tagname) in the above.
> >
> > No, but you used --show-tagname, which does not exist today (and which
> > IMHO should
On Tue, Jun 07, 2016 at 03:05:50PM -0700, Junio C Hamano wrote:
> Jeff King writes:
>
> > On Tue, Jun 07, 2016 at 02:50:23PM -0700, Junio C Hamano wrote:
> >
> >> >> Or it could even do this:
> >> >>
> >> >> tag="$1"
> >> >> if ! git tag -v "$tag"
> >> >>
Jeff King writes:
> On Tue, Jun 07, 2016 at 02:50:23PM -0700, Junio C Hamano wrote:
>
>> >> Or it could even do this:
>> >>
>> >> tag="$1"
>> >> if ! git tag -v "$tag"
>> >> if ! git tag -v "$tag"
>> >> then
>> >> echo >&2 "Bad tag."
>> >>
On Tue, Jun 07, 2016 at 02:50:23PM -0700, Junio C Hamano wrote:
> >> Or it could even do this:
> >>
> >>tag="$1"
> >>if ! git tag -v "$tag"
> >>if ! git tag -v "$tag"
> >> then
> >>echo >&2 "Bad tag."
> >> exit 1
> >>fi
> >> + tag=$(git tag
Jeff King writes:
> git tag -v --format='%(tag)%n%(tagger)'
>
> or similar. In fact you can already do that with a separate step (modulo
> %n, which we do not seem to understand here), but like your example:
Yes, "--format=%(tag)" is all that is needed to make the example work.
On Tue, Jun 07, 2016 at 05:08:56PM -0400, Jeff King wrote:
> On Tue, Jun 07, 2016 at 03:56:08PM -0400, santi...@nyu.edu wrote:
>
> > diff --git a/tag.c b/tag.c
> > index d1dcd18..591b31e 100644
> > --- a/tag.c
> > +++ b/tag.c
> > @@ -55,6 +55,14 @@ int gpg_verify_tag(const unsigned char *sha1,
On Tue, Jun 07, 2016 at 05:17:07PM -0400, Jeff King wrote:
> That is much more flexible, as they could even do some more complicated
> matching than a single string (though in practice, for security things,
> I think simpler is better).
>
> I think this option is going to become a blueprint for
On Tue, Jun 07, 2016 at 02:05:20PM -0700, Junio C Hamano wrote:
> santi...@nyu.edu writes:
>
> > 1.- Using a tag ref as a check-out mechanism is pretty common by package
> > managers and other tools. Verifying the tag signature provides
> > authentication guarantees, but there is no
On Tue, Jun 07, 2016 at 05:13:14PM -0400, Santiago Torres wrote:
> > 2. What do we do for non-annotated tags? Is it always a failure?
>
> Right now, verify-tag fails with non-annotated tags like this:
>
> santiago at ~/.../git ✔ ./git-verify-tag master
> error: master: cannot verify
On Tue, Jun 07, 2016 at 02:05:20PM -0700, Junio C Hamano wrote:
> It is true that "git cat-file tag v1.4.11" lets you examine all
> lines of a given tag object, but the calling program needs to pick
> pieces apart with something like:
>
> git cat-file tag v1.4.11 | sed -e '/^$/q' -e
On Tue, Jun 07, 2016 at 03:56:08PM -0400, santi...@nyu.edu wrote:
> diff --git a/tag.c b/tag.c
> index d1dcd18..591b31e 100644
> --- a/tag.c
> +++ b/tag.c
> @@ -55,6 +55,14 @@ int gpg_verify_tag(const unsigned char *sha1, const char
> *name_to_report,
>
> ret = run_gpg_verify(buf, size,
santi...@nyu.edu writes:
> 1.- Using a tag ref as a check-out mechanism is pretty common by package
> managers and other tools. Verifying the tag signature provides
> authentication guarantees, but there is no feedback that the
> signature being verified belongs to the intended tag.
From: Santiago Torres
Hello everyone,
In a previous thread [1] we discussed about the possibility of having a
--check-name flag, for the tag-verify command (and possibly git tag -v).
Although many points were in the table, I don't think that it was
conclusive as to whether
20 matches
Mail list logo