public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: "David A. Harding" <dave@dtrt•org>
To: Chris Beams <chris@beams•io>
Cc: Bitcoin Dev <bitcoin-development@lists•sourceforge.net>
Subject: Re: [Bitcoin-development] PSA: Please sign your git commits
Date: Wed, 21 May 2014 16:25:02 -0400	[thread overview]
Message-ID: <20140521202502.GA439@localhost.localdomain> (raw)
In-Reply-To: <7B48B9D4-5FB0-42CA-A462-C20D3F345A9A@beams.io>

On Wed, May 21, 2014 at 06:39:44PM +0200, Chris Beams wrote:
> I [was] searching for a way to enable signing by default [...]
> Unfortunately, there isn't one, meaning it's likely that most folks
> will forget to do this most of the time.

For all of my projects, I now I put this script in
.git/hooks/post-commit and post-merge:

    #!/bin/bash -eu

    if ! git log -n1 --show-signature | grep -q 'gpg: Good signature'
    then
        yes "FORGOT TO SIGN COMMIT MESSAGE"
        exit 1
    fi

So anytime I forget to sign, I get an obvious error and can immediately
run git commit --amend -S.

To automatically add a script like the one above to all new projects (plus
quickly add it old current projects), you can follow these instructions:

    http://stackoverflow.com/questions/2293498/git-commit-hooks-global-settings

> If you're really serious about it, you should probably reject pull
> requests without signed commits; otherwise, signing becomes
> meaningless because only honest authors do it

I find signing my commits quite useful even on projects without a
default signing policy because it lets me diff from the last time I
provably reviewed the code.  Here's my script for that:

    #!/bin/bash -eu

    KEY=F29EC4B7

    last_signed_commit=$( git log --topo-order --show-signature --pretty=oneline \
        | grep -m1 " gpg: Signature made.*RSA key ID $KEY" \
        | sed 's/ .*//' \
        | grep .
    ) || { echo "No signed commit found.  Dying..." ; exit 1 ; }

    set -x
    git diff $last_signed_commit

By diffing against the last signed commit I made, I also review any
commits that were made using my name but which I didn't actually make,
such as squashes and rebases of my commits (and, of course, forgeries).

For anyone who's bored and wants to read a lot of text, I think the
definitive work on git signing is this:

    http://mikegerwitz.com/papers/git-horror-story.html

-Dave
-- 
David A. Harding



  parent reply	other threads:[~2014-05-21 20:57 UTC|newest]

Thread overview: 15+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2014-05-21 12:23 Wladimir
2014-05-21 16:39 ` Chris Beams
2014-05-21 17:10   ` Wladimir
2014-05-21 20:30     ` Mark Friedenbach
2014-05-21 21:02       ` Gregory Maxwell
2014-05-22 18:06         ` Jeff Garzik
2014-05-23  0:25           ` Peter Todd
2014-05-23  7:12           ` Wladimir
2014-05-23 16:38             ` Mark Friedenbach
2014-05-23 16:48             ` Kyle Jerviss
2014-05-23 17:32               ` Gregory Maxwell
2014-05-23 10:23     ` Wladimir
2014-06-09 15:34       ` Chris Beams
2014-05-21 20:25   ` David A. Harding [this message]
2014-05-22  1:09     ` Chris Beams

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20140521202502.GA439@localhost.localdomain \
    --to=dave@dtrt$(echo .)org \
    --cc=bitcoin-development@lists$(echo .)sourceforge.net \
    --cc=chris@beams$(echo .)io \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox