From: Andrew Savchenko
To: gentoo-dev@lists.gentoo.org
Date: Sat, 4 Jul 2015 02:10:17 +0300
Subject: Re: [gentoo-dev] Git Migration: launch plan & schedule (2015/Aug/08-09)
Message-Id: <20150704021017.7c54c7a3843b33254e99d26a@gentoo.org>

On Fri, 3 Jul 2015 21:40:50 +0000 Robin H. Johnson wrote:
> On Sat, Jul 04, 2015 at 12:19:41AM +0300, Andrew Savchenko wrote:
> > As I see from git docs only commits and tags may be signed. There
> > is no way to sign a push. Moreover there is no need to sign each
> > commit, see what Linux says on that:
> > http://git.661346.n2.nabble.com/GPG-signing-for-git-commit-td2582986.html
> That was Linus's 2009 opinion, and he changed his mind since then, with
> the research into further attacks on SHA1.
>
> Git (since 2.2) DOES support signed push. Look at the manpage for
> git-push, for the --signed option:
> http://git-scm.com/docs/git-push

We have a rule of "one year compatibility period". ChangeLog shows
that git-2.2.0 was introduced on 02 Dec 2014. So pushed commits
can't be enforced before 02 Dec 2015.

(And yes, my laptop still uses an older version, that's why I was
unable to find --sign in the git-push manual.)

Best regards,
Andrew Savchenko
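
An added example, not part of the original message or of Gentoo's infrastructure: a server-side pre-receive hook that enforces the signed pushes discussed above, warning before a cut-over date and rejecting from it on. The `GIT_PUSH_CERT*` variables are the ones git exports to pre-receive for a signed push; `check_push_cert` and `ENFORCE_FROM` are hypothetical names, with the default date taken from the 02 Dec 2015 figure in the message.

```shell
#!/bin/sh
# Added example: pre-receive logic that requires a valid push certificate.
# The server needs receive.certNonceSeed configured; without it git does not
# advertise signed-push support and the GIT_PUSH_CERT* variables stay unset.

# Assumption: policy cut-over date as YYYYMMDD (02 Dec 2015 from the message).
ENFORCE_FROM=${ENFORCE_FROM:-20151202}

# check_push_cert TODAY   (TODAY as YYYYMMDD)
# Returns 0 to accept the push, 1 to reject it.
check_push_cert() {
    today=$1
    reason=""
    if [ -z "${GIT_PUSH_CERT:-}" ]; then
        # No certificate at all: old client, or --signed was not used.
        reason="push is not signed (needs git >= 2.2 and 'git push --signed')"
    elif [ "${GIT_PUSH_CERT_STATUS:-N}" != "G" ]; then
        # Same letters as git log's %G?; only G (good, trusted key) passes,
        # so U (good signature, unknown validity) is refused as well.
        reason="certificate signature status is '${GIT_PUSH_CERT_STATUS:-N}', expected G"
    elif [ "${GIT_PUSH_CERT_NONCE_STATUS:-MISSING}" != "OK" ]; then
        # UNSOLICITED, MISSING, BAD or SLOP: the certificate may be a replay.
        reason="certificate nonce is ${GIT_PUSH_CERT_NONCE_STATUS:-MISSING}"
    fi
    [ -z "$reason" ] && return 0

    if [ "$today" -lt "$ENFORCE_FROM" ]; then
        # Compatibility period: tell the developer, but let the push through.
        echo "warning: $reason; rejected from $ENFORCE_FROM on" >&2
        return 0
    fi
    echo "rejected: $reason" >&2
    return 1
}

# Only act when installed as hooks/pre-receive.
case "$0" in
    */pre-receive) check_push_cert "$(date -u +%Y%m%d)" || exit 1 ;;
esac
```
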