mbox series

[v2,0/3] fast-export, fast-import: implement signed-commits

Message ID 20210422002749.2413359-1-lukeshu@lukeshu.com (mailing list archive)
Headers show
Series fast-export, fast-import: implement signed-commits | expand


Luke Shumaker April 22, 2021, 12:27 a.m. UTC
From: Luke Shumaker <lukeshu@datawire.io>

fast-export has an existing --signed-tags= flag that controls how to
handle tag signatures.  However, there is no equivalent for commit
signatures; it just silently strips the signature out of the commit
(analogously to --signed-tags=strip).

So implement a --signed-commits= flag in fast-export, and implement
the receiving side of it in fast-import.

I believe that this revision addresses all of the feedback so far,
with the exception that I have not implemented Elijah's suggestion to
implement a flag on fast-import to validate signatures.  While I agree
that this would be a useful feature, I consider it to be beyond the
scope of this work.

This passes all of the GitHub actions CI checks, and passes all but
one of the Travis-CI checks; the failing Travis-CI check seems to be
an unrelated 404 from `apt-get`.

Luke Shumaker (3):
  git-fast-import.txt: add missing LF in the BNF
    v2: no changes
  fast-export: rename --signed-tags='warn' to 'warn-verbatim'
     - Reword commit message, based on feedback from Taylor.
     - Fix copy-pasto in the test, noticed by Taylor.
     - Add a comment to the tests.
     - Fix whitespace in the tests.
  fast-export, fast-import: implement signed-commits
     - Remove erroneous remark about ordering from the commit message.
     - Adjust the stream syntax to include the hash algorithm, as
       suggested by brian.
     - Add support for sha256 (based on lots of useful information from
       brian).  It does not support multiply-signed commits.
     - Shorten the documentation, based on feedback from Taylor.
     - Add comments, based on feedback from Taylor.
     - Change the default from `--signed-commits=strip` to
       `--signed-commits=warn-strip`.  This shouldn't break anyone, and
       means that users get useful feedback by default.

 Documentation/git-fast-export.txt |  11 ++-
 Documentation/git-fast-import.txt |  20 ++++-
 builtin/fast-export.c             | 123 ++++++++++++++++++++++++++----
 builtin/fast-import.c             |  23 ++++++
 t/t9350-fast-export.sh            |  88 +++++++++++++++++++++
 5 files changed, 245 insertions(+), 20 deletions(-)