On May 21, 2014, at 10:25 PM, David A. Harding <d...@dtrt.org> wrote:
> On Wed, May 21, 2014 at 06:39:44PM +0200, Chris Beams wrote:
>> I [was] searching for a way to enable signing by default [...]
>> Unfortunately, there isn't one, meaning it's likely that most folks
>> will forget to do this most of the time.
>
> For all of my projects, I now I put this script in
> .git/hooks/post-commit and post-merge:
>
> #!/bin/bash -eu
>
> if ! git log -n1 --show-signature | grep -q 'gpg: Good signature'
> then
> yes "FORGOT TO SIGN COMMIT MESSAGE"
> exit 1
> fi
Funny, I was just in the middle of writing a pre-push hook to do something
similar when I decided to check my email :) Your post-commit approach is indeed
simpler, so I've gone with it for the moment [1]. Thanks.
However, I noticed in the process of testing that this approach messes with
rebase workflows. For example: if I make several commits (all of which are
properly signed), and then rebase to reorder them, rebase ends up hanging
because it delegates to `commit` and the use of `yes` in the post-commit hook
blocks forever. I've changed `yes` to `echo` to avoid this, but it still means
that one must be rather diligent to keep signatures in place when rebasing.
Gerwitz does address rebasing in the presence of commit sigs in the "horror
story" doc you linked to [2], but there's no magic: this makes the whole
rebasing process considerably more tedious, and linearly so with however many
commits you're modifying.
This may amount to a rationale for going with a pre-push hook after all, i.e.
in order to defer the check for signatures until the last possible moment. This
would allow for cheap iterative rebasing once again.
I suppose the proper solution would be a `git config` option such as
'commit.sign', that if set to true would mean your commits are always signed,
even if rebase is the one calling `commit`. This would obviate the need for the
alias I mention below as well.
> So anytime I forget to sign, I get an obvious error and can immediately
> run git commit --amend -S.
If one is already in the habit of using an alias for `commit` (I've long used
`ci` for concision), the -S can be included in the alias:
git config alias.ci 'commit -S'
> To automatically add a script like the one above to all new projects (plus
> quickly add it old current projects), you can follow these instructions:
>
> http://stackoverflow.com/questions/2293498/git-commit-hooks-global-settings
This was a great tip, thanks!
- Chris
[1]: https://github.com/cbeams/dotfiles/commit/58d6942
[2]: http://mikegerwitz.com/papers/git-horror-story.html#_option_3
signature.asc
Description: Message signed with OpenPGP using GPGMail
------------------------------------------------------------------------------ "Accelerate Dev Cycles with Automated Cross-Browser Testing - For FREE Instantly run your Selenium tests across 300+ browser/OS combos. Get unparalleled scalability from the best Selenium testing platform available Simple to use. Nothing to install. Get started now for free." http://p.sf.net/sfu/SauceLabs
_______________________________________________ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
