Dimitri John Ledkov xnox at debian.org writes:
somebody else did a bad rebase, and then people started to query why I
You should just not accept rebase, *ever*.
[receive]
denyNonFastforwards = true
denyDeletes = true
This is the standard config of all Evolvis (FusionForge
On Tue, May 26, 2015, at 15:25, Vincent Bernat wrote:
❦ 26 mai 2015 14:38 -0300, Henrique de Moraes Holschuh h...@debian.org
:
A solution to this without history rewriting is to tag the commits you
want to sign.
You could tag any commit at any time, and sign that tag. Impractical if
On Mon, May 25, 2015 at 01:53:28PM -0300, Henrique de Moraes Holschuh wrote:
Commits: trying to change the signature will change the commit hash.
So, it works just like amending the commit. In fact, git commit
--amend -S will sign/re-sign the commit by creating a new commit, just
like any
On 26 May 2015 at 19:25, Vincent Bernat ber...@debian.org wrote:
❦ 26 mai 2015 14:38 -0300, Henrique de Moraes Holschuh h...@debian.org :
A solution to this without history rewriting is to tag the commits you
want to sign.
You could tag any commit at any time, and sign that tag. Impractical
On 25 May 2015 at 09:33, Bastian Blank wa...@debian.org wrote:
On Mon, May 25, 2015 at 09:51:41AM +0200, Thomas Koch wrote:
On Sunday 24 May 2015 13:02:38 Thomas Koch wrote:
Git supports signing of commits since version 1.7.9. Everybody should sign
git commits always.
There is however the
❦ 26 mai 2015 14:38 -0300, Henrique de Moraes Holschuh h...@debian.org :
A solution to this without history rewriting is to tag the commits you
want to sign.
You could tag any commit at any time, and sign that tag. Impractical if
you want to retroactively sign a huge swathe of commits, but
On Mon, May 25, 2015 at 06:43:46PM +0200, Wouter Verhelst wrote:
Since signing changes the sha1 of the commit, only if rewriting history isn't
a
problem.
A solution to this without history rewriting is to tag the commits you want
to sign.
You could tag any commit at any time, and sign that
On Tue, May 26, 2015, at 13:12, Jonathan Dowland wrote:
On Mon, May 25, 2015 at 06:43:46PM +0200, Wouter Verhelst wrote:
Since signing changes the sha1 of the commit, only if rewriting history
isn't a
problem.
A solution to this without history rewriting is to tag the commits you
want
On Mon, May 25, 2015 at 09:51:41AM +0200, Thomas Koch wrote:
On Sunday 24 May 2015 13:02:38 Thomas Koch wrote:
Git supports signing of commits since version 1.7.9. Everybody should sign
git commits always.
There is however the argument that by signing every commit by default one may
On Sunday 24 May 2015 13:02:38 Thomas Koch wrote:
Git supports signing of commits since version 1.7.9. Everybody should sign
git commits always.
There is however the argument that by signing every commit by default one may
accidentally publish a signature on some unverified code and somebody
On May 25, Samuel Thibault sthiba...@debian.org wrote:
I use the attached script to easily create and sign my tags.
Isn't this the equivalent of gbp-buildpackage --git-tag-only?
Not everybody uses gbp.
--
ciao,
Marco
pgp8bVvnDmsWf.pgp
Description: PGP signature
On Sun, May 24, 2015, at 11:12, Iain R. Learmonth wrote:
On Sun, May 24, 2015 at 01:02:38PM +0200, Thomas Koch wrote:
Git supports signing of commits since version 1.7.9. Everybody should sign
git
commits always.
What is the overhead on this?
As far as git metadata goes, it is small
On Mon, May 25, 2015 at 10:33:06AM +0200, Bastian Blank wrote:
On Mon, May 25, 2015 at 09:51:41AM +0200, Thomas Koch wrote:
On Sunday 24 May 2015 13:02:38 Thomas Koch wrote:
Git supports signing of commits since version 1.7.9. Everybody should sign
git commits always.
There is however
Bastian Blank schreef op 25-5-2015 om 10:33 AM:
Much worse, do you trust all your development machines with your private
key?
I do not. That is why I keep my private signature key on my smartcard. I
sign every commit on all of my machines.
You can put this in your .gitconfig to always sign
On Mon, May 25, 2015, at 09:54, Tzafrir Cohen wrote:
On Mon, May 25, 2015 at 10:33:06AM +0200, Bastian Blank wrote:
On Mon, May 25, 2015 at 09:51:41AM +0200, Thomas Koch wrote:
On Sunday 24 May 2015 13:02:38 Thomas Koch wrote:
Git supports signing of commits since version 1.7.9.
On Mon, May 25, 2015 at 02:54:53PM +0200, Tzafrir Cohen wrote:
On Mon, May 25, 2015 at 10:33:06AM +0200, Bastian Blank wrote:
On Mon, May 25, 2015 at 09:51:41AM +0200, Thomas Koch wrote:
On Sunday 24 May 2015 13:02:38 Thomas Koch wrote:
Git supports signing of commits since version
== What
Git supports signing of commits since version 1.7.9. Everybody should sign git
commits always.
== Why
- The haskell team has a git repository with tools that maintainers should
clone and use. I cloned the repo. How should I trust all this scripts?
- Somebody wants to contribute to
Hi,
On Sun, May 24, 2015 at 01:02:38PM +0200, Thomas Koch wrote:
Git supports signing of commits since version 1.7.9. Everybody should sign
git
commits always.
What is the overhead on this?
I sign tags when I remember (which isn't often I'll admit) but signing every
commit is maybe a bit
On Sun, May 24, 2015 at 03:12:21PM +0100, Iain R. Learmonth wrote:
Hi,
On Sun, May 24, 2015 at 01:02:38PM +0200, Thomas Koch wrote:
Git supports signing of commits since version 1.7.9. Everybody should sign
git
commits always.
What is the overhead on this?
I have a 4096-bit RSA key
Hello,
2015-05-24 13:02 GMT+02:00 Thomas Koch tho...@koch.ro:
[...]
- always sign all commits:
git config --global commit.gpgsign true
Is there a git tag equivalent of this?
Regards
--
Mathieu Parent
--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of
On 24 May 2015 at 15:12, Iain R. Learmonth i...@fsfe.org wrote:
Hi,
On Sun, May 24, 2015 at 01:02:38PM +0200, Thomas Koch wrote:
Git supports signing of commits since version 1.7.9. Everybody should sign
git
commits always.
What is the overhead on this?
I keep my main key offline these
Le 24/05/2015 13:02, Thomas Koch a écrit :
- Tell git what key to use:
git config --global user.signingkey $YOURKEYID
- sign one commit: git commit --gpg-sign
- always sign all commits:
git config --global commit.gpgsign true
- Verifiy commits
git log --show-signature
What will
Marco d'Itri, le Mon 25 May 2015 06:45:56 +0200, a écrit :
On May 24, Thomas Koch tho...@koch.ro wrote:
Git supports signing of commits since version 1.7.9. Everybody should sign
git
commits always.
I do not see a significant benefit in signing all commits as long as
release tags are
On May 24, Thomas Koch tho...@koch.ro wrote:
Git supports signing of commits since version 1.7.9. Everybody should sign
git
commits always.
I do not see a significant benefit in signing all commits as long as
release tags are signed.
I use the attached script to easily create and sign my
24 matches
Mail list logo