Re: [PATCH] rebase: add --verify-signatures

Sorry, I didn't do a group-reply in my last mail. On Mon, Dec 21, 2015 at 03:46:54PM -0800, Junio C Hamano wrote: > Alexander 'z33ky' Hirsch <1ze...@gmail.com> writes: > > > On Thu, Dec 17, 2015 at 10:22:20AM -0800, Junio C Hamano wrote: > >> I suspect that you are missing the bigger workflow iss

Re: [PATCH] rebase: add --verify-signatures

Alexander 'z33ky' Hirsch <1ze...@gmail.com> writes: > As I understand it, this is the same reason for the existence of > --verify-signatures for git-merge. Otherwise the same argument could be > made for git-merge I suspect that you are missing the bigger workflow issues, if you think this and m

Re: [PATCH] rebase: add --verify-signatures

On Wed, Dec 16, 2015 at 10:12:12AM -0800, Junio C Hamano wrote: > I do not quite understand how that would help anything. I do not > personally believe in projects that wants to sign each and every > commit, but to them, "an empty signed commit on top" would not fix > anything once they have an un

Re: [PATCH] rebase: add --verify-signatures

Alexander 'z33ky' Hirsch <1ze...@gmail.com> writes: > On Thu, Dec 10, 2015 at 11:53:45AM -0800, Junio C Hamano wrote: > >> In a workflow that is built around "pull --rebase", you are _given_ >> the authoritative history with all the good things from another >> place and then you rebuild your own w

Re: [PATCH] rebase: add --verify-signatures

On Thu, Dec 10, 2015 at 11:53:45AM -0800, Junio C Hamano wrote: > Junio C Hamano writes: > > > Alexander 'z33ky' Hirsch <1ze...@gmail.com> writes: > > > >> + if test -n "$rebase_root" > >> + then > >> + foreign_revisions="$orig_head..$onto" > >> + else > >> + foreign_revision

Re: [PATCH] rebase: add --verify-signatures

Junio C Hamano writes: > Alexander 'z33ky' Hirsch <1ze...@gmail.com> writes: > >> +if test -n "$rebase_root" >> +then >> +foreign_revisions="$orig_head..$onto" >> +else >> +foreign_revisions="$orig_head..${restrict_revision-$upstream}" >> +fi >> + >> +f

Re: [PATCH] rebase: add --verify-signatures

Alexander 'z33ky' Hirsch <1ze...@gmail.com> writes: > + if test -n "$rebase_root" > + then > + foreign_revisions="$orig_head..$onto" > + else > + foreign_revisions="$orig_head..${restrict_revision-$upstream}" > + fi > + > + for cmt in $(git rev-list --re

[PATCH] rebase: add --verify-signatures

This option works analogous to --verify-signatures for git-merge by checking that the commits, that are rebased onto, have good GPG signatures. Additionally, git-pull now forwards --verify-signatures to rebase as well. Signed-off-by: Alexander 'z33ky' Hirsch <1ze...@gmail.com> --- I'm unsure if