From mboxrd@z Thu Jan  1 00:00:00 1970
From: ludo@gnu.org (Ludovic =?utf-8?Q?Court=C3=A8s?=)
Subject: Re: pre-push signature hook error reporting [was Re: [PATCH v6] gnu:
	python-sphinx: Update to 1.4.8.]
Date: Fri, 20 Jan 2017 15:05:42 +0100
Message-ID: <87o9z1aksp.fsf@gnu.org>
References: <20170105161431.9803-1-dannym@scratchpost.org>
	<878tqpjw93.fsf@kirby.i-did-not-set--mail-host-address--so-tickle-me>
	<8760lj5eb6.fsf@kirby.i-did-not-set--mail-host-address--so-tickle-me>
	<20170113152400.GA24322@jasmine> <20170117031414.GB23513@jasmine>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Return-path: <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
Received: from eggs.gnu.org ([2001:4830:134:3::10]:60988)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <ludo@gnu.org>) id 1cUZp8-00072c-SU
	for guix-devel@gnu.org; Fri, 20 Jan 2017 09:05:55 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <ludo@gnu.org>) id 1cUZp3-0008AT-6G
	for guix-devel@gnu.org; Fri, 20 Jan 2017 09:05:50 -0500
In-Reply-To: <20170117031414.GB23513@jasmine> (Leo Famulari's message of "Mon,
	16 Jan 2017 22:14:14 -0500")
List-Id: "Development of GNU Guix and the GNU System distribution."
	<guix-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/guix-devel/>
List-Post: <mailto:guix-devel@gnu.org>
List-Help: <mailto:guix-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=subscribe>
Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org
Sender: "Guix-devel" <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
To: Leo Famulari <leo@famulari.name>
Cc: guix-devel@gnu.org

Leo Famulari <leo@famulari.name> skribis:

> On Fri, Jan 13, 2017 at 10:24:00AM -0500, Leo Famulari wrote:
>> I bet that you are using the new pre-push hook that verifies commit
>> signatures, and you're trying to push some commits that fail the
>> signature verification check.
>>=20
>> Someone should add some error reporting to the hook.
>
> In Git 2.11.0, it seems that `git verify-commit` can't tell the user
> which commits failed verification:
>
> https://git.kernel.org/cgit/git/git.git/tree/builtin/verify-commit.c?h=3D=
v2.11.0
>
> With a warm cache and all the public keys on my machine, checking the
> signature of all 17813 commits on the master branch takes ~40 seconds
> with `git verify-commit $(git rev-list HEAD)`. This is what the pre-push
> hook does now.
>
> Checking the commits one at a time takes ~105 seconds, using something
> like this:
>
> for commit in $(git rev-list HEAD); do
> 	if ! git verify-commit $commit; then
> 		echo $commit
> 	fi
> done
>
> We could make the hook do something like that. Thoughts? I think the
> performance regression is worth the convenience of knowing why it
> failed.

For the pre-push hook, the overhead seems reasonable (perhaps we could
limit the range to commits after the first signed commit to avoid
looping for no reason?) and an improvement.

Eventually we could rewrite in Scheme using guile-git, which should be
faster (no need to fork that much).

Thanks!

Ludo=E2=80=99.