[PATCH] commit-tree: do not pay attention to commit.gpgsign

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

[PATCH] commit-tree: do not pay attention to commit.gpgsign

Junio C Hamano
ba3c69a9 (commit: teach --gpg-sign option, 2011-10-05) introduced a
"signed commit" by teaching --[no-gpg-sign option and commit.gpgsign
configuration variable to various commands that create commits.

Teaching these to "git commit" and "git merge", both of which are
end-user facing Porcelain commands, was perfectly fine.  Allowing
the plumbing "git commit-tree" to suddenly change the behaviour to
surprise the scripts by paying attention to commit.gpgsign was not.

Among the in-tree scripts, filter-branch, quiltimport, rebase and
stash are the commands that run "commit-tree".  If any of these
wants to allow users to always sign every single commit, they should
offer their own configuration (e.g. "filterBranch..gpgsign") with an
option to disable (e.g. "git filter-branch --no-gpgsign").

Ignoring commit.gpgsign option _obviously_ breaks the backward
compatibility, and I seriously doubt anybody sane is depending on
this misfeature that commit-tree blindly follows commit.gpgsign in
any third-party script that calls it, but following the "be careful
when removing (mis)features" tradition, let's give these scripts an
escape hatch.  Passing the new --use-commit-gpgsign-config option to
makes it pay attention to the commit.gpgsign configuration again.

Signed-off-by: Junio C Hamano <[hidden email]>
---

 builtin/commit-tree.c | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)

diff --git a/builtin/commit-tree.c b/builtin/commit-tree.c
index 3feeffe..b023a6b 100644
--- a/builtin/commit-tree.c
+++ b/builtin/commit-tree.c
@@ -10,9 +10,10 @@
 #include "utf8.h"
 #include "gpg-interface.h"
 
-static const char commit_tree_usage[] = "git commit-tree [(-p <sha1>)...] [-S[<keyid>]] [-m <message>] [-F <file>] <sha1>";
+static const char commit_tree_usage[] = "git commit-tree [(-p <sha1>)...] [-S[<keyid>]] [--use-commit-gpgsign-config] [-m <message>] [-F <file>] <sha1>";
 
 static const char *sign_commit;
+static const char *config_sign_commit;
 
 static void new_parent(struct commit *parent, struct commit_list **parents_p)
 {
@@ -34,7 +35,7 @@ static int commit_tree_config(const char *var, const char *value, void *cb)
  if (status)
  return status;
  if (!strcmp(var, "commit.gpgsign")) {
- sign_commit = git_config_bool(var, value) ? "" : NULL;
+ config_sign_commit = git_config_bool(var, value) ? "" : NULL;
  return 0;
  }
  return git_default_config(var, value, cb);
@@ -42,7 +43,7 @@ static int commit_tree_config(const char *var, const char *value, void *cb)
 
 int cmd_commit_tree(int argc, const char **argv, const char *prefix)
 {
- int i, got_tree = 0;
+ int i, got_tree = 0, use_commit_gpgsign_config = 0;
  struct commit_list *parents = NULL;
  unsigned char tree_sha1[20];
  unsigned char commit_sha1[20];
@@ -84,6 +85,11 @@ int cmd_commit_tree(int argc, const char **argv, const char *prefix)
  continue;
  }
 
+ if (!strcmp(arg, "--use-commit-gpgsign-config")) {
+ use_commit_gpgsign_config = 1;
+ continue;
+ }
+
  if (!strcmp(arg, "-F")) {
  int fd;
 
@@ -121,6 +127,9 @@ int cmd_commit_tree(int argc, const char **argv, const char *prefix)
  die_errno("git commit-tree: failed to read");
  }
 
+ if (!sign_commit && use_commit_gpgsign_config)
+ sign_commit = config_sign_commit;
+
  if (commit_tree(buffer.buf, buffer.len, tree_sha1, parents,
  commit_sha1, NULL, sign_commit)) {
  strbuf_release(&buffer);
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to [hidden email]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Reply | Threaded
Open this post in threaded view
|

Re: [PATCH] commit-tree: do not pay attention to commit.gpgsign

Eric Sunshine
On Mon, May 2, 2016 at 5:59 PM, Junio C Hamano <[hidden email]> wrote:
> ba3c69a9 (commit: teach --gpg-sign option, 2011-10-05) introduced a
> "signed commit" by teaching --[no-gpg-sign option and commit.gpgsign

s/\[no/[no]/

(ditto in the "simpler" patch)

> configuration variable to various commands that create commits.
>
> Teaching these to "git commit" and "git merge", both of which are
> end-user facing Porcelain commands, was perfectly fine.  Allowing
> the plumbing "git commit-tree" to suddenly change the behaviour to
> surprise the scripts by paying attention to commit.gpgsign was not.
>
> Among the in-tree scripts, filter-branch, quiltimport, rebase and
> stash are the commands that run "commit-tree".  If any of these
> wants to allow users to always sign every single commit, they should
> offer their own configuration (e.g. "filterBranch..gpgsign") with an
> option to disable (e.g. "git filter-branch --no-gpgsign").
>
> Ignoring commit.gpgsign option _obviously_ breaks the backward
> compatibility, and I seriously doubt anybody sane is depending on
> this misfeature that commit-tree blindly follows commit.gpgsign in
> any third-party script that calls it, but following the "be careful
> when removing (mis)features" tradition, let's give these scripts an
> escape hatch.  Passing the new --use-commit-gpgsign-config option to

s/to$//

> makes it pay attention to the commit.gpgsign configuration again.
>
> Signed-off-by: Junio C Hamano <[hidden email]>
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to [hidden email]
More majordomo info at  http://vger.kernel.org/majordomo-info.html