On May 21, 2014, at 10:25 PM, David A. Harding <d...@dtrt.org> wrote:

> On Wed, May 21, 2014 at 06:39:44PM +0200, Chris Beams wrote:
>> I [was] searching for a way to enable signing by default [...]
>> Unfortunately, there isn't one, meaning it's likely that most folks
>> will forget to do this most of the time.
> 
> For all of my projects, I now I put this script in
> .git/hooks/post-commit and post-merge:
> 
>    #!/bin/bash -eu
> 
>    if ! git log -n1 --show-signature | grep -q 'gpg: Good signature'
>    then
>        yes "FORGOT TO SIGN COMMIT MESSAGE"
>        exit 1
>    fi

Funny, I was just in the middle of writing a pre-push hook to do something 
similar when I decided to check my email :) Your post-commit approach is indeed 
simpler, so I've gone with it for the moment [1]. Thanks.

However, I noticed in the process of testing that this approach messes with 
rebase workflows. For example: if I make several commits (all of which are 
properly signed), and then rebase to reorder them, rebase ends up hanging 
because it delegates to `commit` and the use of `yes` in the post-commit hook 
blocks forever. I've changed `yes` to `echo` to avoid this, but it still means 
that one must be rather diligent to keep signatures in place when rebasing. 
Gerwitz does address rebasing in the presence of commit sigs in the "horror 
story" doc you linked to [2], but there's no magic: this makes the whole 
rebasing process considerably more tedious, and linearly so with however many 
commits you're modifying.

This may amount to a rationale for going with a pre-push hook after all, i.e. 
in order to defer the check for signatures until the last possible moment. This 
would allow for cheap iterative rebasing once again.

I suppose the proper solution would be a `git config` option such as 
'commit.sign', that if set to true would mean your commits are always signed, 
even if rebase is the one calling `commit`. This would obviate the need for the 
alias I mention below as well.


> So anytime I forget to sign, I get an obvious error and can immediately
> run git commit --amend -S.

If one is already in the habit of using an alias for `commit` (I've long used 
`ci` for concision), the -S can be included in the alias:

    git config alias.ci 'commit -S'


> To automatically add a script like the one above to all new projects (plus
> quickly add it old current projects), you can follow these instructions:
> 
>    http://stackoverflow.com/questions/2293498/git-commit-hooks-global-settings

This was a great tip, thanks!

- Chris

[1]: https://github.com/cbeams/dotfiles/commit/58d6942
[2]: http://mikegerwitz.com/papers/git-horror-story.html#_option_3

Attachment: signature.asc
Description: Message signed with OpenPGP using GPGMail

------------------------------------------------------------------------------
"Accelerate Dev Cycles with Automated Cross-Browser Testing - For FREE
Instantly run your Selenium tests across 300+ browser/OS combos.
Get unparalleled scalability from the best Selenium testing platform available
Simple to use. Nothing to install. Get started now for free."
http://p.sf.net/sfu/SauceLabs
_______________________________________________
Bitcoin-development mailing list
Bitcoin-development@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bitcoin-development

Reply via email to