Changesets feature complete

Aaron Bentley at
Fri May 26 21:29:42 BST 2006

Hash: SHA1

John Arbash Meinel wrote:
>>So this is where I say "sign the message, not just the changeset".  Just
>>because I signed a changeset, doesn't mean I think *you* should merge it
>>into *that* branch.  This is something I think PQM really gets right.
> Except right now you can only tell the pqm to 'merge this branch', so if
> you add extra commits (or uncommit) before it gets there, the message is
> incorrect. :)

Yes, and this is something I think PQM really gets wrong :-).

> But that is something we need to fix with the pqm. (Part of the desired
> fixes to the pqm and pqm-submit that I started were to submit the
> testament sha signatures and revision id of the requested merge)

That would be excellent.

> I am asserting that I want the PQM to grab the revisions that I have. I
> can't guarantee that they are from Aaron, or that they are perfect, but
> I can tell the pqm that they are what I have.

And I suppose, telling pqm that they are what your revisions are based upon.

>>Unless you require the message to be signed, you don't have that
>>guarantee.  Having the changeset be signed means that it was *created*
>>by someone who has access to keys that you trust, not that they *sent*
>>the message or that they think it's a good idea for you to apply it.

> Changesets aren't inherently signed, it should done at a higher level.
> And like you mention, possibly along with a message saying what should
> be done with the changeset (like by pqm-submit).

Yes, I can agree with that.

> I realize I was mixing a couple things here. And it might mean that we
> should put some sort of checksum at the end of a changeset. So that we
> don't go to the expense of parsing it, if it has been munged in transit.

That also makes some sense, though I think it will rarely be very
expensive.  These changesets I've been generating with the entire
revision history of bzrtools are the exception, not the rule.

> Though I know there is stuff which allows whitespace to be stripped from
> the end of lines, so I'm not sure what should be part of the checksum. I
> would like something, though.

Fine by me.

Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Thunderbird -


More information about the bazaar mailing list