[MERGE] Use "create_signatures" for signing

Aaron Bentley aaron.bentley at utoronto.ca
Wed Jun 14 20:47:45 BST 2006


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi all,

The signing configuration is currently a bit wonky: there is a
"create_signatures" option documented, but it currently does nothing.
The "check_signatures" option turns on signing, but doesn't check
signatures.

This patch
 - implements the create_signatures option as authoritative
 - deprecates the use of "check_signatures" for determining whether to
create signatures.

The use of "check_signatures" to control signature checking is NOT
deprecated.  Rather, a warning is issued when people have a checking
policy but no signing policy, and they commit.

I don't understand how the 'when-required' option is supposed to work,
though I have implemented it faithfully.  Surely a branch that requires
signatures would have its own 'create_signatures=always' setting in
.bzr/branch/branch.conf.

I think trying to consolidate these policies into a single configuration
option is a mistake, because there are many reasonable variations:

1. I don't care about signatures
2. Check signatures if present, but don't sign
3. Require signatures, but don't sign
4. Check signatures if present, and always sign
5. Require signatures, and always sign.

Aaron
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFEkGfh0F+nu1YWqI0RAkzjAJ9tM7WGZyoIw5vAUaSKlAaUNxmKMgCfbunN
pAYILZb3V+owlvVFr+L9I7E=
=5VcY
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signing.patch
Type: text/x-patch
Size: 9229 bytes
Desc: not available
Url : https://lists.ubuntu.com/archives/bazaar/attachments/20060614/a5b7bcba/attachment.bin 


More information about the bazaar mailing list