We tested both good and bad signatures, but not ones made
correctly but with a key for which we have no trust.
Signed-off-by: Jeff King <p...@peff.net>
---
I'm not happy about grepping more gpg output, but perhaps this "not
certified" is no worse than the current 'Good signature from" greps we
have?
The internal code uses --status-fd, which is presumably more robust to
changes. I dunno. I'd be inclined to go with this, and if it becomes a
problem in a future gpg release, we can deal with it then.
t/t7510-signed-commit.sh | 13 +++++++++++++
1 file changed, 13 insertions(+)
diff --git a/t/t7510-signed-commit.sh b/t/t7510-signed-commit.sh
index cdffcbd..04fc2c5 100755
--- a/t/t7510-signed-commit.sh
+++ b/t/t7510-signed-commit.sh
@@ -43,6 +43,9 @@ test_expect_success GPG 'create signed commits' '
test_tick && git rebase -f HEAD^^ && git tag sixth-signed HEAD^ &&
git tag seventh-signed
+
+ echo 8 >file && test_tick && git commit -a -m eighth -SB7227189 &&
+ git tag eighth-signed-alt
'
test_expect_success GPG 'show signatures' '
@@ -63,6 +66,16 @@ test_expect_success GPG 'show signatures' '
! grep "BAD signature from" actual &&
echo $commit OK || exit 1
done
+ ) &&
+ (
+ for commit in eighth-signed-alt
+ do
+ git show --pretty=short --show-signature $commit
>actual &&
+ grep "Good signature from" actual &&
+ ! grep "BAD signature from" actual &&
+ grep "not certified" actual &&
+ echo $commit OK || exit 1
+ done
)
'
--
2.0.0.566.gfe3e6b2
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
