bug-cvs
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [task #4633] GPG-Signed Commits


From: Jim Hyslop
Subject: Re: [task #4633] GPG-Signed Commits
Date: Sat, 24 Sep 2005 11:55:02 -0400
User-agent: Mozilla Thunderbird 1.0.6 (Windows/20050716)

Derek Price wrote:
Mark D. Baushke wrote:


Example:
CVSROOT=:local;sign-id=jhyslop@dreampossible.ca:/cvs


Good point. For commits to the savannah.nongnu.org
repositories, I might want to use a PGP keyid of 0xFCE72F65
where another repository might use a PGP keyid of 0x161913F8.



I'd rather keep this more general, like sign-template="/usr/bin/gpg
--detach-sign --output - -u 0x161913F8".  The spaces might need to be
escaped to get them in a CVSROOT, but maybe not.

Just so I'm clear what you're proposing, what I've called "sign-id" you'd rather have as "sign-template" with the args as specified, right? If that's the case, then that sounds reasonable (if maybe a little more effort to type in initially ;-)

Getting back to the -g option mentioned earlier in this thread, would the same syntax be used there as well? For example, if I wanted to override the template for a specific command, could I specify:

cvs -g"/usr/bin/gpg --detach-sign --output - -u 0x12345678" ci

Also, it would be nice if we could provide separate means for specifying the basic signature commands ("/usr/bin/gpg --detach-sign --output -") and the user ID ("-u 0x..."). Since the majority of the command will remain the same regardless of the GPG ID used to sign the key, it would simplify dealing with multiple servers.

Unless CVS would have some cause to switch Key IDs as it goes, I'd
rather CVS know as little as possible about the program it execs to get
a signature.

I'm not sure what you mean by "as it goes." Do you mean while processing directories recursively, or do you mean in separate invocations of the command?

If you mean processing recursively, then CVS doesn't currently support that anyway, does it? If, for example, CVS/Root refers to one server and asubdir/CVS/Root refers to a different server we currently get... shall we say... "interesting" behaviour, don't we?

--
Jim





reply via email to

[Prev in Thread] Current Thread [Next in Thread]