[go: up one dir, main page]

Skip to content

Improve how fast-export handles signed commits

When I started to work on #519, it appeared that the work merged as part of #457 (closed) did not provided very good information about the commit signatures that are exported.

I think that before working on importing signatures, it's better if we can work on getting better information about them in what is exported. This is likely to make it easier to import them later on (after they have possibly been modified by git filter-repo).

So let's work on this.

I already started a simple approach in a single patch, but people found issues with it. So I am now trying a different approach based on checking signatures when they are exported.

In the next versions of the patch:

I came back to the simple approach but I addressed a number of issues or limitations:

  • the output format was not properly described in the documentation,
  • the output format was not very informative as it didn't even say if the signature is an OpenPGP, an SSH, or an X509 signature,
  • the implementation didn't support having both one signature on the SHA-1 object format and one on the SHA-256 object format which is important when migrating a repository from SHA-1 to SHA-256.

Eventually fast-export and fast-import were improved so that:

  • all the signatures are exported,
  • at most one signature on the SHA-1 object and one on the SHA-256 are imported,
  • if there is more than one signature on the SHA-1 object or on the SHA-256 object, fast-import emits a warning for each additional signature,
  • the output format is "gpgsig ", where is the Git object format as before, and is the signature type ("openpgp", "x509", "ssh" or "unknown"),
  • the output is properly documented.

The v6 version of the patch was merged into next via a6a173da.

Edited by Christian Couder