Gpg extension: signing every commit (including "tag" commits)
Matt Mackall
mpm at selenic.com
Mon Oct 17 16:37:14 UTC 2011
On Mon, 2011-10-17 at 12:22 +0200, Andreas Sewe wrote:
> Hi all,
>
> what is the proper way to sign every commit with the gpg extension?
You may want to start by looking at a different extension:
http://mercurial.selenic.com/wiki/CommitsigsExtension
> Currently, I do the following:
>
> hg sign --no-commit
> hg commit -m Foo
>
> This works fine (although I am not quite sure whether the signature
> applies only to Foo's parent or whether it, because of the way Mercurial
> uses hashes for changeset IDs, also applies to Foo) for all commits
> except for those performed when tagging.
The signature applies to the commit being signed -only-.
However, you can infer from a signature that all of the ancestry of the
signed commit is also -known- to the signer.
> hg sign --no-commit
> hg tag Bar
>
> The above doesn't commit .hgsigs. Is there some way of piggy-backing the
> change to .hgsigs onto the the implicit commit made by "hg tag"?
Yes, you could probably do this with some advanced magic. I just use two
commits:
http://selenic.com/hg/graph/8a7f1722b28e
--
Mathematics is the supreme nostalgia of our time.
More information about the Mercurial
mailing list