From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp10.migadu.com ([2001:41d0:2:bcc0::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms9.migadu.com with LMTPS id SMWjId1CZ2QTFwAASxT56A (envelope-from ) for ; Fri, 19 May 2023 11:35:25 +0200 Received: from aspmx1.migadu.com ([2001:41d0:2:bcc0::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp10.migadu.com with LMTPS id cOOVIN1CZ2S+oQAAG6o9tA (envelope-from ) for ; Fri, 19 May 2023 11:35:25 +0200 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 5659AED44 for ; Fri, 19 May 2023 11:35:25 +0200 (CEST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1pzwVZ-0004fw-K2; Fri, 19 May 2023 05:34:45 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1pzwVX-0004fW-09 for guix-devel@gnu.org; Fri, 19 May 2023 05:34:43 -0400 Received: from jpoiret.xyz ([206.189.101.64]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1pzwVV-0006Ft-FT for guix-devel@gnu.org; Fri, 19 May 2023 05:34:42 -0400 Received: from authenticated-user (jpoiret.xyz [206.189.101.64]) by jpoiret.xyz (Postfix) with ESMTPA id 68428184F2A; Fri, 19 May 2023 09:34:38 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=jpoiret.xyz; s=dkim; t=1684488878; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=Aylv6ngVVgSYD2GQPt1SMOVFhfTqWfNMtC1siyEwlfc=; b=Ymg9cpfLIAyy3CsMlWAB6UXrSaVqoU3xK62UU824TvHngqrnqzBtdWVzx4F5TxcvAZRY00 Z2VzrE++I+m4o/WGbuIHcp6Yd2Ukik2FU36r0bsvX/CbGuljrwsWiWx5JDbQlIwYMENwTN yOTTWskMuAWcmDioTcb+tz9l1oOWP9vEruKDszapBi0Ej9Mrab1O0LXolwYqTHjCNG/J9W nlpCV0cuIncr+5asrOYGXxqAUaN0VTPhjCc3tKQ+OeYvzJBupM0AULAP7RpRNns61ADj9J s6MN7HNgs4KtxUsL+8y29W5HUGP7rJvJhVmPrAz7WiJKy0brvpQb1m9/0xRI2Q== From: Josselin Poiret To: Maxim Cournoyer , Leo Famulari Cc: guix-devel@gnu.org Subject: Re: Should commit signing always be required for local work? [was Re: bug#63261: Recent changes to git config cause errors for non-committers] In-Reply-To: <87pm6xknq0.fsf@gmail.com> References: <874jospdr2.fsf@psyduck.jhoto.kublai.com> <87y1m024rx.fsf@gmail.com> <875y8tww86.fsf@gmail.com> <87pm6xknq0.fsf@gmail.com> Date: Fri, 19 May 2023 11:34:35 +0200 Message-ID: <877ct4r7f8.fsf@jpoiret.xyz> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" X-Spamd-Bar: / Received-SPF: pass client-ip=206.189.101.64; envelope-from=dev@jpoiret.xyz; helo=jpoiret.xyz X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: guix-devel@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+larch=yhetil.org@gnu.org Sender: guix-devel-bounces+larch=yhetil.org@gnu.org X-Migadu-Country: US X-Migadu-Flow: FLOW_IN ARC-Seal: i=1; s=key1; d=yhetil.org; t=1684488925; a=rsa-sha256; cv=none; b=UqyO4oF377Uf1O9GqTAPEJkYTydwBIuqB9ZaPsFt5Yf3DDkdqfwThVGhKqkp7ckAuULCIW T+PbcEKdB//2CFP3OQqU4md+i5sARzEqp1FXIqbE0tIl773a0pQV5ZQKOSxs7EzwjRXn/n Jo4Jl39k0BSQLzs4dO9LekWsXY56C4vQE5mkxhR5eQH7QCnhMF4vgu/ffJJNCA4GJGK+p0 oHZXoZA318tQx5+j2GtW8qnZU3dL0kf3qpVtvu7BkdtUEn7xOwu9wN6DVAkkjiHhgtSBBg ywJHsiC57X+b7PLJQZq58yVg8ksszIslWEpzWPmOF7vEc+A0xTX8JhNsybC7OA== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=pass header.d=jpoiret.xyz header.s=dkim header.b=Ymg9cpfL; dmarc=pass (policy=reject) header.from=jpoiret.xyz; spf=pass (aspmx1.migadu.com: domain of "guix-devel-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-devel-bounces+larch=yhetil.org@gnu.org" ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1684488925; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:in-reply-to:in-reply-to: references:references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:dkim-signature; bh=Aylv6ngVVgSYD2GQPt1SMOVFhfTqWfNMtC1siyEwlfc=; b=JNYpJqG7bjEuC/OtFAqbnQs+TuaTFZDVkC8/fdIEE5TVmmL1f74EH1EABQiXSBSUdgQTyZ zG1pZxY9AIgCiH5o0DhRbYnf3AbTjYBJdcSrUhZ6pXyjXw7XzNe9H3YaHizJNpdOhj2MCd pYhJQqAt8oKXbPsBZoFpHoJ+Gn/UqMed10NLmrWx5dbideK/ACjPUlzNA8KTl7VrBRUMFr srqRIdmCgj5saacVrj2I7YZDLEAP1jkybmVkKbrMfP1RZJtq7brXQOs9WffUAUKy8y+UhC V9f/SO5pqOweKDFfvdwAv5RA+VR/oLylr7tj3w141W50sqh4/RxRdNom70qN/g== X-Migadu-Spam-Score: -11.80 X-Spam-Score: -11.80 X-Migadu-Queue-Id: 5659AED44 X-Migadu-Scanner: scn0.migadu.com Authentication-Results: aspmx1.migadu.com; dkim=pass header.d=jpoiret.xyz header.s=dkim header.b=Ymg9cpfL; dmarc=pass (policy=reject) header.from=jpoiret.xyz; spf=pass (aspmx1.migadu.com: domain of "guix-devel-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-devel-bounces+larch=yhetil.org@gnu.org" X-TUID: VH8SUvSf6S+7 --=-=-= Content-Type: text/plain Content-Transfer-Encoding: quoted-printable Hi Maxim and Leo, Maxim Cournoyer writes: > Thanks for voicing your thoughts on this. I originally thought the > included fragments (via the 'include.path' git config option) could we > overridden by a user but it seems they can't, making the change more > intrusive than it should have been. Just FYI, it seems that it was possible to override that behavior by making sure the include was before the overriding gpgsign =3D false in the repo's .git/config. Still, it's probably best to let users judge what their workflow should be. I'm curious Leo, in general (not Guix because we have a pre-push hook), how do you make sure you always publish signed commits? I don't want to put unsigned commits anywhere except locally, but it feels like I might just forget to sign them before pushing. Best, =2D-=20 Josselin Poiret --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQHEBAEBCgAuFiEEOSSM2EHGPMM23K8vUF5AuRYXGooFAmRnQqsQHGRldkBqcG9p cmV0Lnh5egAKCRBQXkC5Fhcaip2vDAC4sTfAY2J/uHPWvEaAMAS2S/bSLzHGXaTD JsU4ogZ9a1Vlj/yPGUqr7q3/EH+YKfgT1TtklrrgGH2lkc7N8XixWeYWkTwnWQtr w63jayhAlLwVbYxe/++MpRCxsdeggIb3rTXJnpv3G3VR4mUjZ7beFC88ulFUcVcM Mg8fniPBKPbP6VFNyEhpNG+WP0WNZ2wedz0w16mgdGBn/tYJQWB8/lMnn68cZnWw jTthmdiHdrXeCG+vulh2z/iGmMf5CWLTU31Wwz62J/NBg5jwcUs0tdye9lg1CDKh yXmfFT2mkZQejYi09Zj3DJCb2BJ4ZyOLK5ROeV5MmT+6FqpVWfbqiJCVmhPpaIGo wCaqUIfkL0F7hLIbJJX3EDE1lu/usU4oal0ImHoZvlWLNJV5TVpj/aZECxa60nVp ofnY9ptfDQuDT8xDXM5nmyURk1FC1QJtO52bJKiTnfh6ZH76RL9lRJsL5SZys5FL BOROkeTgEa81nlbVkozMRLskT2l0Aqw= =KRKl -----END PGP SIGNATURE----- --=-=-=--