❦ 26 mai 2015 14:38 -0300, Henrique de Moraes Holschuh <hmh@debian.org> :
>> A solution to this without history rewriting is to tag the commits you
>> want to sign.
>>
>> You could tag any commit at any time, and sign that tag. Impractical if
>> you want to retroactively sign a huge swathe of commits, but not bad if you
>> want to retroactively sign a handful of releases, say.
>
> Just remember to have a meaningful comment/message for the signed tag,
> because it can be duplicated/renamed at will.
Doesn't it cover the SHA1 sum?
--
Avoid unnecessary branches.
- The Elements of Programming Style (Kernighan & Plauger)
Attachment:
signature.asc
Description: PGP signature