Re: [LEDE-DEV] Proposal to sign all commits
On 16-05-06 08:28 PM, Kus wrote:
> Daniel, I like what you said. I hinted something like that in the original
> message.

Er, sorry, which part? I think you mean about fast-forward only and not the ideal world where everything is always tested no matter who it's from?

Regards,
Daniel

> I don't like the idea of making changes to history after it is published.
> Personally, I don't care about commit pollution but if the team thinks it is
> important, then we should squash commits before we merge with master.

History should never be rewritten in a *public* (meaning one that is supposed to be pulled from, rather than a feature or staging branch that is intended for testing and rebasing and so on) branch. Ever. IMNSHO. (Unless it's something like a personal tree on GitHub that hasn't been forked and you have no reason to believe someone else has even noticed it yet, and you have a good reason.) In other branches only history not already in public branches should be rewritten, else you've got an ugly problem.

> In an ideal world, we'd make all commits on master and we'd have 100%
> confidence that each commit is guaranteed to cause no regression. If wishes
> were fishes...

Heh, if that were the case we'd be the robots that took over the world because we were better than our human creators.

> Maybe require all commits in master be signed and encourage but not require
> signing for others? Would that be acceptable?

Makes sense to me.

Regards,
Daniel

___
Lede-dev mailing list
Lede-dev@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/lede-dev
Re: [LEDE-DEV] Proposal to sign all commits
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

> Regarding signing commits with GPG key, it would be nice to recommend it but
> making it a requirement sounds like a barrier.

I'd argue such a barrier is OK if we want to quickly increase the size of the team of people with commit access. I think we're underestimating our contributors here. I agree that we shouldn't have unnecessary barriers (such as copyright assignment, to give a specific example).

I am getting mixed signals here though. Some people say requiring signing causes friction and limits participation. Others say that there will only be a couple of people who will ever have commit access, so signing is unnecessary.

I don't want to take too much time here because signing commits is a lower priority compared to doing the actual work of writing code/documentation (including a wiki), increasing/maintaining test coverage, and setting up automatic signed builds and so on (being discussed in separate threads). I don't think there's a definite right or wrong answer here as long as we understand and accept the trade-offs.

Sincerely,

-----BEGIN PGP SIGNATURE-----
Version: APG v1.1.1

iQJRBAEBCgA7BQJXLL6NNBxLdXNoYWwgSGFkYSAoZGV2ZWxvcGVyKSA8a3VzaGFs
ZGV2ZWxvcGVyQGdtYWlsLmNvbT4ACgkQJsInd2b1xmPv9w/+Km0COpDHFHWjahVX
XCGZdokz4BZn41ZF54R4z7iyexzZ9uviLJfQyftHODHYCvdl/P+zA3WYX2nyEQ5j
zDIkXuGKmrG68zt55Y2layVgOrqJ3BswwdkFhG7mFEyvTJQDWYp50F6a9JjURZmB
x1YCUO7fQidrmjOYdE9omEeJCBukujGtBFG1i2YxGPHA8hWANxB+hZD5AZHouNto
i5YG7ssjJXusdoCtReIxUsimUwQ6s5IqSiOSZPwlGGl3lTj4rVcQtUNZzTlwBRsL
3VEAAlXNd6Kl0oKaet9wVJNwiF3nrDiLAgwTjS2T5ZIe5l4+TwcSAsN3xJUAe1tx
7ysWFEbgYNLxXuI8cvEXr9g9n7BW3QnbgQzpgadjQisGeIOzwsCirpGKrSBJDXVP
RDClZQe9FhJ4edxgWig4htvH4eHsyyzic0RDaG+70aSNlWS4gVniAZ+dvn4cxnlF
22v7Ryl/Sb3dmhub2bQVVP4TZyYityNNfyW74cODj4mx2cYYwEhVEIAbvKz+ZE7r
D6T2svtOSJpaPBGKL4JGhXxdwo6UZJucA13h3nrxYH+nHlm6v0xHWkV955LyP976
SYS7Nw6Opw0L66L5jAJjQ3z6+YAabd00AmxWMnL6pMJk3k8sY8sH45CLghCvQNzr
xeFklDOsle8MwWAuuBb9CMB1OLI=
=bVJi
-----END PGP SIGNATURE-----
Re: [LEDE-DEV] Proposal to sign all commits
Hi,

> I am concerned that git signing gives little, if any value, while making
> it harder to contribute (and making it easier to contribute is one of
> the *stated* goals of LEDE) and is another example of a tendency toward
> a particular brand of technical elitism that will kill this project if
> not nipped in the bud.

I tend to agree here. People specifically ask about being able to contribute via GitHub because it allegedly makes contributions easier. My experience has shown that a lot of contributors already struggle with the concept of sign-off lines. Requiring them to PGP sign stuff would pretty much kill any effort in this direction right away.

~ Jo
Re: Proposal to sign all commits
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 05.05.16 10:08, David Lang wrote:
> In an environment where the vast majority of people are unknown,
> and any signing they are doing involves no liability, and no
> assurance that the person is who they claim to be (other than
> claiming to be someone who has access to that signing key), the
> value of signatures is much less.

Can't this problem be solved using the web of trust? It doesn't require a trusted certificate authority, and thus is decentralized. Truth be told, getting your key signed by others is not a simple process, as it requires physical presence of both the signer and the one who gets the signature; it's better than nothing though.

On 05.05.16 08:42, David Lang wrote:
> how do you handle cases where the maintainer needs to fix a merge
> or otherwise tweak the submission?

As for commits, those shouldn't be edited, but a new commit should be created with the necessary fixes, carrying the signature of the person doing the fixes. The original commit will have the signature of its creator.

-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJXKvdyAAoJECTakka9G8YAblQQAKBS+54Tj9AuJGmLbBsrejMP
cR3aMGfd2naReoUizI9/EisjD1aEDlzhcyeRZ575OokN8Z1iFtbAS2bfXrt40lej
RZfW2eXdo7Iwpay+sIuNQaqYg+dkE0T1L5M6/k3x1uHzH37Mw9p/6rJTypNXRusH
qT0ZvNUlLXikgD2VgfCuhzexmbX7kE5/adBHHl/kOXnldEdJBOCYHKkHFRHBEEdo
eya42OFcFHly633+bTQon7e8TqcPZwxarpOZBllpYNUqbEOVumCS6THoEjH98kbt
bUaKrmfZh097l0fW+KUBKD/kuZY4lDqOfwBbEp6SC4pwV4yHFUImvIAo4HYEHs25
I6OCFJh8nLPPGSUhau0EmM/iG2BX+PDbAEQjHx0RA8eMqsBUdLXVbbZTPRn+ffq/
nHlzqB50Ud5rc8RIMYHNYy2k8s6kd6awTd+rb/+i1rKUilvLz6CDtRQaQeKEAiKf
oXvMJnTOMFP3pCPP/pR93KH9PiGCJe3NYZf6wJYyKfo5YvZtBJW7jojcyhQ0MKrp
XXvjjRYpR3hjw10oKCaB1648FgfRlT4hlVhSmWDniaAEKyKIxon8LvBYFhVkqwZw
EqcccDsu2sp3Kk+zp961xIUda/ztrtxMeQiTIXUodTQBbIvy84obaPO73pexkoML
quVKJyPCJs7pAV9UU/Wf
=/FmW
-----END PGP SIGNATURE-----
Re: Proposal to sign all commits
On Thu, 5 May 2016, John Crispin wrote:

> On 04/05/2016 23:38, Kus wrote:
>> Greetings
>>
>> I'd like to propose that all commits (at least to master) going forward be
>> signed with the committer's gpg key.
>>
>> https://git-scm.com/book/en/v2/Git-Tools-Signing-Your-Work
>>
>> Thoughts?
>
> we could do that. if you look at the keyring.git, you will see that we
> already asked those with commit access to submit their gpg keys.

At that point, all you are signing is who merged the work into the tree. That doesn't give you any information about who created the work.

Is there enough value in this to be worth the hassle?

David Lang
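The point David makes here (a signature on a merge commit is made by the merger, and the author line is only data inside the signed object), together with the earlier reply's advice that fix-ups should be fresh signed commits rather than edits, can be made concrete by looking at what git actually signs. The following is an added Python example, not code from this thread or from the LEDE project: it parses a raw commit object in the form `git cat-file commit <sha>` prints it, separates the `gpgsig` header from the payload git hands to gpg, reports which identity a signature can bind, and applies the "required on master, optional elsewhere" rule proposed above. The two commit objects are constructed samples with placeholder signature lines, not real PGP signatures; the `tree` value is git's well-known empty-tree hash and the parent hashes are dummies.

```python
"""Parse a raw git commit object and show what a commit signature binds.

Real input comes from `git cat-file commit <sha>`; the samples below are
constructed stand-ins with placeholder signature blocks.
"""
from dataclasses import dataclass
from typing import Optional


@dataclass
class ParsedCommit:
    headers: dict            # tree, author, committer, ... (single-valued)
    parents: list            # zero or more parent hashes
    gpgsig: Optional[str]    # armored signature, or None if unsigned
    message: str             # commit message after the blank line
    signed_payload: str      # the bytes git hands to gpg when signing


def parse_commit_object(raw: str) -> ParsedCommit:
    """Split a commit object into headers, optional gpgsig, and message.

    git stores the signature as a `gpgsig` header whose continuation lines
    are prefixed with one space, and it signs the object with that header
    removed; reproducing that split makes the signed payload visible.
    """
    header_text, sep, message = raw.partition("\n\n")
    if not sep:
        raise ValueError("commit object lacks the blank line before the message")
    headers, parents, payload_lines = {}, [], []
    gpgsig = None
    in_gpgsig = False
    for line in header_text.split("\n"):
        if line.startswith(" "):
            # continuation line of a multi-line header value
            if in_gpgsig:
                gpgsig += "\n" + line[1:]
            else:
                payload_lines.append(line)
            continue
        key, _, value = line.partition(" ")
        in_gpgsig = key == "gpgsig"
        if in_gpgsig:
            gpgsig = value
            continue
        payload_lines.append(line)
        if key == "parent":
            parents.append(value)
        else:
            headers[key] = value
    signed_payload = "\n".join(payload_lines) + "\n\n" + message
    return ParsedCommit(headers, parents, gpgsig, message, signed_payload)


def identity(header_value: str) -> tuple:
    """Reduce 'Name <email> timestamp tz' to (name, email)."""
    name, _, rest = header_value.partition(" <")
    return name, rest.split(">", 1)[0]


def signature_binds(commit: ParsedCommit) -> dict:
    """Which identities a valid signature on this commit establishes.

    The key holder produced the object as its committer (the merger, for a
    merge). The author line and any Signed-off-by trailer sit inside the
    signed payload, so they are vouched for by the committer, not proven
    by the people they name.
    """
    return {
        "signed": commit.gpgsig is not None,
        "committer": identity(commit.headers["committer"]),
        "claimed_author": identity(commit.headers["author"]),
    }


def meets_signing_policy(commit: ParsedCommit, branch: str,
                         required_on: tuple = ("master",)) -> bool:
    """Rule from the thread: signatures mandatory on master, optional elsewhere."""
    return commit.gpgsig is not None or branch not in required_on


# Constructed sample: a maintainer merges (and signs) a contributor's work.
SIGNED_MERGE = "\n".join([
    "tree 4b825dc642cb6eb9a060e54bf8d69288fbee4904",
    "parent 1111111111111111111111111111111111111111",
    "parent 2222222222222222222222222222222222222222",
    "author Contributor <contributor@example.org> 1462400000 +0200",
    "committer Maintainer <maintainer@example.org> 1462450000 +0200",
    "gpgsig -----BEGIN PGP SIGNATURE-----",
    " ",                                   # armor blank line, space-prefixed
    " PLACEHOLDERSIGNATUREDATALINE1",      # placeholder, not real signature data
    " PLACEHOLDERSIGNATUREDATALINE2",
    " =ABCD",
    " -----END PGP SIGNATURE-----",
    "",
    "Merge branch 'feature' into master",
    "",
    "Signed-off-by: Contributor <contributor@example.org>",
    "",
])

# Constructed sample: the contributor's own, unsigned original commit.
UNSIGNED_COMMIT = "\n".join([
    "tree 4b825dc642cb6eb9a060e54bf8d69288fbee4904",
    "parent 1111111111111111111111111111111111111111",
    "author Contributor <contributor@example.org> 1462400000 +0200",
    "committer Contributor <contributor@example.org> 1462400000 +0200",
    "",
    "Add feature",
    "",
    "Signed-off-by: Contributor <contributor@example.org>",
    "",
])

if __name__ == "__main__":
    for label, raw in (("signed merge", SIGNED_MERGE), ("unsigned", UNSIGNED_COMMIT)):
        commit = parse_commit_object(raw)
        print(label, signature_binds(commit),
              "accepted on master:", meets_signing_policy(commit, "master"))
```

To apply it to a real repository, feed `parse_commit_object` the output of `git cat-file commit <sha>`; the script does not run gpg itself, it only reproduces the split that `git verify-commit` performs before handing `signed_payload` and `gpgsig` to gpg. Because the committer line and the message are part of the payload, amending a commit discards the stored signature, which is the practical reason the reply above recommends a new signed commit for fix-ups instead of editing the original.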