summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChris Beams <chris@beams.io>2014-05-22 03:09:35 +0200
committerbitcoindev <bitcoindev@gnusha.org>2014-05-22 01:09:56 +0000
commit3fa0ee0d16c877150fc5c1f8b1914bbe167040e8 (patch)
treeebbd07617f807ceb324691f48b2cd1291c42ba90
parente5dc85816c4344af6d2edb7f64820e0ceda6fe83 (diff)
downloadpi-bitcoindev-3fa0ee0d16c877150fc5c1f8b1914bbe167040e8.tar.gz
pi-bitcoindev-3fa0ee0d16c877150fc5c1f8b1914bbe167040e8.zip
Re: [Bitcoin-development] PSA: Please sign your git commits
-rw-r--r--93/10a5a41902c13a9d751ca837b56a5c6a58d6c3240
1 files changed, 240 insertions, 0 deletions
diff --git a/93/10a5a41902c13a9d751ca837b56a5c6a58d6c3 b/93/10a5a41902c13a9d751ca837b56a5c6a58d6c3
new file mode 100644
index 000000000..6f56e0bb4
--- /dev/null
+++ b/93/10a5a41902c13a9d751ca837b56a5c6a58d6c3
@@ -0,0 +1,240 @@
+Received: from sog-mx-2.v43.ch3.sourceforge.com ([172.29.43.192]
+ helo=mx.sourceforge.net)
+ by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
+ (envelope-from <chris@beams.io>) id 1WnHW8-0002qU-TR
+ for bitcoin-development@lists.sourceforge.net;
+ Thu, 22 May 2014 01:09:56 +0000
+X-ACL-Warn:
+Received: from chello084114181075.1.15.vie.surfer.at ([84.114.181.75]
+ helo=dh35.beams.io) by sog-mx-2.v43.ch3.sourceforge.com with esmtp
+ (Exim 4.76) id 1WnHW6-0000p9-Ts
+ for bitcoin-development@lists.sourceforge.net;
+ Thu, 22 May 2014 01:09:56 +0000
+Received: from localhost (localhost [127.0.0.1])
+ by dh35.beams.io (Postfix) with ESMTP id 51980201407;
+ Thu, 22 May 2014 03:09:48 +0200 (CEST)
+X-Virus-Scanned: amavisd-new at dh35.beams.io
+Received: from dh35.beams.io ([127.0.0.1])
+ by localhost (dh35.beams.io [127.0.0.1]) (amavisd-new, port 10024)
+ with ESMTP id Qsshkxj-8YG0; Thu, 22 May 2014 03:09:38 +0200 (CEST)
+Received: from [192.168.0.69] (chello084114181075.1.15.vie.surfer.at
+ [84.114.181.75])
+ by dh35.beams.io (Postfix) with ESMTPSA id 97B882013DF;
+ Thu, 22 May 2014 03:09:38 +0200 (CEST)
+Content-Type: multipart/signed;
+ boundary="Apple-Mail=_23EB31E1-FF71-4D75-A5B5-B73B17931285";
+ protocol="application/pgp-signature"; micalg=pgp-sha512
+Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.2\))
+From: Chris Beams <chris@beams.io>
+In-Reply-To: <20140521202502.GA439@localhost.localdomain>
+Date: Thu, 22 May 2014 03:09:35 +0200
+Message-Id: <D60239BA-5329-463F-9870-7B28661E9581@beams.io>
+References: <CA+s+GJBNWh0Py9KB4Y+B19ACeHOygtkLrPw5SbZ0SrVs50pqvg@mail.gmail.com>
+ <7B48B9D4-5FB0-42CA-A462-C20D3F345A9A@beams.io>
+ <20140521202502.GA439@localhost.localdomain>
+To: "David A. Harding" <dave@dtrt.org>
+X-Mailer: Apple Mail (2.1878.2)
+X-Spam-Score: 1.0 (+)
+X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
+ See http://spamassassin.org/tag/ for more details.
+ 0.0 RCVD_IN_SORBS_DUL RBL: SORBS: sent directly from dynamic IP address
+ [84.114.181.75 listed in dnsbl.sorbs.net]
+ 1.0 HTML_MESSAGE BODY: HTML included in message
+X-Headers-End: 1WnHW6-0000p9-Ts
+Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
+Subject: Re: [Bitcoin-development] PSA: Please sign your git commits
+X-BeenThere: bitcoin-development@lists.sourceforge.net
+X-Mailman-Version: 2.1.9
+Precedence: list
+List-Id: <bitcoin-development.lists.sourceforge.net>
+List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
+ <mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
+List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
+List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
+List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
+List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
+ <mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
+X-List-Received-Date: Thu, 22 May 2014 01:09:57 -0000
+
+
+--Apple-Mail=_23EB31E1-FF71-4D75-A5B5-B73B17931285
+Content-Type: multipart/alternative;
+ boundary="Apple-Mail=_AE7156A4-A359-42BB-AF9D-8D265DC91E11"
+
+
+--Apple-Mail=_AE7156A4-A359-42BB-AF9D-8D265DC91E11
+Content-Transfer-Encoding: quoted-printable
+Content-Type: text/plain;
+ charset=us-ascii
+
+
+On May 21, 2014, at 10:25 PM, David A. Harding <dave@dtrt.org> wrote:
+
+> On Wed, May 21, 2014 at 06:39:44PM +0200, Chris Beams wrote:
+>> I [was] searching for a way to enable signing by default [...]
+>> Unfortunately, there isn't one, meaning it's likely that most folks
+>> will forget to do this most of the time.
+>=20
+> For all of my projects, I now I put this script in
+> .git/hooks/post-commit and post-merge:
+>=20
+> #!/bin/bash -eu
+>=20
+> if ! git log -n1 --show-signature | grep -q 'gpg: Good signature'
+> then
+> yes "FORGOT TO SIGN COMMIT MESSAGE"
+> exit 1
+> fi
+
+Funny, I was just in the middle of writing a pre-push hook to do =
+something similar when I decided to check my email :) Your post-commit =
+approach is indeed simpler, so I've gone with it for the moment [1]. =
+Thanks.
+
+However, I noticed in the process of testing that this approach messes =
+with rebase workflows. For example: if I make several commits (all of =
+which are properly signed), and then rebase to reorder them, rebase ends =
+up hanging because it delegates to `commit` and the use of `yes` in the =
+post-commit hook blocks forever. I've changed `yes` to `echo` to avoid =
+this, but it still means that one must be rather diligent to keep =
+signatures in place when rebasing. Gerwitz does address rebasing in the =
+presence of commit sigs in the "horror story" doc you linked to [2], but =
+there's no magic: this makes the whole rebasing process considerably =
+more tedious, and linearly so with however many commits you're =
+modifying.
+
+This may amount to a rationale for going with a pre-push hook after all, =
+i.e. in order to defer the check for signatures until the last possible =
+moment. This would allow for cheap iterative rebasing once again.
+
+I suppose the proper solution would be a `git config` option such as =
+'commit.sign', that if set to true would mean your commits are always =
+signed, even if rebase is the one calling `commit`. This would obviate =
+the need for the alias I mention below as well.
+
+
+> So anytime I forget to sign, I get an obvious error and can =
+immediately
+> run git commit --amend -S.
+
+If one is already in the habit of using an alias for `commit` (I've long =
+used `ci` for concision), the -S can be included in the alias:
+
+ git config alias.ci 'commit -S'
+
+
+> To automatically add a script like the one above to all new projects =
+(plus
+> quickly add it old current projects), you can follow these =
+instructions:
+>=20
+> =
+http://stackoverflow.com/questions/2293498/git-commit-hooks-global-setting=
+s
+
+This was a great tip, thanks!
+
+- Chris
+
+[1]: https://github.com/cbeams/dotfiles/commit/58d6942
+[2]: http://mikegerwitz.com/papers/git-horror-story.html#_option_3
+
+--Apple-Mail=_AE7156A4-A359-42BB-AF9D-8D265DC91E11
+Content-Transfer-Encoding: quoted-printable
+Content-Type: text/html;
+ charset=us-ascii
+
+<html><head><meta http-equiv=3D"Content-Type" content=3D"text/html =
+charset=3Dus-ascii"></head><body style=3D"word-wrap: break-word; =
+-webkit-nbsp-mode: space; -webkit-line-break: =
+after-white-space;"><div><br></div><div><div><div>On May 21, 2014, at =
+10:25 PM, David A. Harding &lt;<a =
+href=3D"mailto:dave@dtrt.org">dave@dtrt.org</a>&gt; wrote:</div><br =
+class=3D"Apple-interchange-newline"><blockquote type=3D"cite">On Wed, =
+May 21, 2014 at 06:39:44PM +0200, Chris Beams wrote:<br><blockquote =
+type=3D"cite">I [was] searching for a way to enable signing by default =
+[...]<br>Unfortunately, there isn't one, meaning it's likely that most =
+folks<br>will forget to do this most of the =
+time.<br></blockquote><br>For all of my projects, I now I put this =
+script in<br>.git/hooks/post-commit and post-merge:<br><br> =
+&nbsp;&nbsp;&nbsp;#!/bin/bash -eu<br><br> &nbsp;&nbsp;&nbsp;if ! git log =
+-n1 --show-signature | grep -q 'gpg: Good signature'<br> =
+&nbsp;&nbsp;&nbsp;then<br> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;yes =
+"FORGOT TO SIGN COMMIT MESSAGE"<br> =
+&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;exit 1<br> =
+&nbsp;&nbsp;&nbsp;fi<br></blockquote><div><br></div><div>Funny, I was =
+just in the middle of writing a pre-push hook to do something similar =
+when I decided to check my email :) Your post-commit approach is indeed =
+simpler, so I've gone with it for the moment [1]. =
+Thanks.</div><div><br></div><div>However, I noticed in the process of =
+testing that this approach messes with rebase workflows. For example: if =
+I make several commits (all of which are properly signed), and then =
+rebase to reorder them, rebase ends up hanging because it delegates to =
+`commit` and the use of `yes` in the post-commit hook blocks forever. =
+I've changed `yes` to `echo` to avoid this, but it still means that one =
+must be rather diligent to keep signatures in place when rebasing. =
+Gerwitz does address rebasing in the presence of commit sigs in the =
+"horror story" doc you linked to [2], but there's no magic: this makes =
+the whole rebasing process considerably more tedious, and linearly so =
+with however many commits you're =
+modifying.</div><div><br></div><div>This may amount to a rationale for =
+going with a pre-push hook after all, i.e. in order to defer the check =
+for signatures until the last possible moment. This would allow for =
+cheap iterative rebasing once again.</div><div><br></div><div>I suppose =
+the proper solution would be a `git config` option such as =
+'commit.sign', that if set to true would mean your commits are always =
+signed, even if rebase is the one calling `commit`. This would obviate =
+the need for the alias I mention below as =
+well.</div><div><br></div><div><br></div><blockquote type=3D"cite">So =
+anytime I forget to sign, I get an obvious error and can =
+immediately<br>run git commit --amend =
+-S.<br></blockquote><div><br></div><div>If one is already in the habit =
+of using an alias for `commit` (I've long used `ci` for concision), the =
+-S can be included in the alias:</div><div><br></div><div>&nbsp; =
+&nbsp;&nbsp;git config alias.ci 'commit =
+-S'</div><div><br></div><div><div><br></div></div><blockquote =
+type=3D"cite">To automatically add a script like the one above to all =
+new projects (plus<br>quickly add it old current projects), you can =
+follow these instructions:<br><br> &nbsp;&nbsp;&nbsp;<a =
+href=3D"http://stackoverflow.com/questions/2293498/git-commit-hooks-global=
+-settings">http://stackoverflow.com/questions/2293498/git-commit-hooks-glo=
+bal-settings</a><br></blockquote></div><br></div><div>This was a great =
+tip, thanks!</div><div><br></div><div>- =
+Chris</div><div><div><div><br></div><div>[1]:&nbsp;<a =
+href=3D"https://github.com/cbeams/dotfiles/commit/58d6942">https://github.=
+com/cbeams/dotfiles/commit/58d6942</a></div><div>[2]:&nbsp;<a =
+href=3D"http://mikegerwitz.com/papers/git-horror-story.html#_option_3">htt=
+p://mikegerwitz.com/papers/git-horror-story.html#_option_3</a></div></div>=
+</div></body></html>=
+
+--Apple-Mail=_AE7156A4-A359-42BB-AF9D-8D265DC91E11--
+
+--Apple-Mail=_23EB31E1-FF71-4D75-A5B5-B73B17931285
+Content-Transfer-Encoding: 7bit
+Content-Disposition: attachment;
+ filename=signature.asc
+Content-Type: application/pgp-signature;
+ name=signature.asc
+Content-Description: Message signed with OpenPGP using GPGMail
+
+-----BEGIN PGP SIGNATURE-----
+Comment: GPGTools - https://gpgtools.org
+
+iQIcBAEBCgAGBQJTfU5PAAoJED0hT49bxe1zGxoQAIhUJYsq0j3KYfc+ZV3QDdnC
+CeL9Go87qPEQTXJzJU0Yk4y7PoCsxJ0oPnQOeaEOEzwiRJ2aRKJoLbfwu0lsTJo/
+nT4abYSLx1EgqgtDkFSF62DXKnN2BWmyexw5FDJFQ1plzWJ1NYh4lncjM3wT5K0Z
+Qb367T06+Ihp7iuU/LAi3zhwZumxntITqrWamBiqfu6Sn+u7EtKnMBxduczWNmFB
+iPzJtaAcb+R2v/l2lKw3NqNS/ewtmZrduTQtwhuaFd16bfffC5dnFzcgr5W0nJt8
+X0Kt+Vtr2mO445plqJhbq0MB2H1k6TuS+tBPCz9T/9dWEz4yRoa0GSaLgyN/rDOL
+OyKMNanVMzKfy0egsXwiiAyL4rBbi7E3qDXG2x8bTBqDBlr9BxI54TdOVVexC7/2
+puUvxfsZv3zrMojRVw8l+q9LZLGsjjPY7kv9OQqWSkYLhfON6wCpfdXzUuWO66Qq
+mZFh6wkaWn9pJZLApzF8gQvmY+rRn4EXJs7cUCGes+mplMu3+v/H/6AksQWakxqA
+PbJBaK4xsvwhOFKBWlqHxWxhQgIsTdkEmtkq9nDUsPjuohq/1ef8e7WtTo3ONVNF
+5Bwe70x1EVGzsqz1e5xlJxKuuUTaTXJ9ep+hLCPydFVF+UJUUXjOgdkhusgoiWwI
+uSgtPwHM/aqgQ36UdWkM
+=gbJG
+-----END PGP SIGNATURE-----
+
+--Apple-Mail=_23EB31E1-FF71-4D75-A5B5-B73B17931285--
+
+