Updates to the commitsigs extension

[Martin Geisler]

Igor Lautar <igor.lautar at gmail.com> writes:

> On Wed, Jun 9, 2010 at 12:50 AM, Martin Geisler <mg at lazybytes.net> wrote:
>> Yes, even if signature was preserved, there would be no good way to
>> validate it any more. This is despite the fact that transplant does keep
>> most attributes the same -- when the ancestry changes, we have no
>> connection between what was signed (the old changeset hash) and what is
>> present (the new changeset hash).
>>
>> I think the best we can hope for is to make transplant ask for a new
>> signature.
>
> I'm thinking about the use case that was brought up here, having
> release branches, bugfixes being made on master and transplanting
> whatever is needed for next patch release. But its not so straight
> forward, because transplant may have collisions etc., which then makes
> patch different, for example.
>
> Best solved (at this point) by having release manager (who does
> transplants) sign it himself.

Exactly, I think that is the right and secure solution: he who creates a
changeset (via transplant, rebase, or any other way) must sign it too.

-- 
Martin Geisler

aragost Trifork
Professional Mercurial support
http://aragost.com/mercurial/