Re: On disallowing lightweight tags
- From: Owen Taylor <otaylor redhat com>
- To: Behdad Esfahbod <behdad behdad org>
- Cc: Gnome-infrastructure gnome org
- Subject: Re: On disallowing lightweight tags
- Date: Sat, 18 Apr 2009 08:02:07 -0400
On Fri, 2009-04-17 at 22:55 -0400, Behdad Esfahbod wrote:
> Hi Owen,
>
> I'm trying to fill in http://live.gnome.org/Git/Help/LightweightTags
> Is it that we just disallow lightweight tags, or also tag objects with no gpg
> signature? If the former, don't we really want the latter?
The reason not to use a lightweight tag is that they have no information
about who created the tag, when, or why.
Annotated tags (git tag -a) and signed tags (git tag -s) have that
information so are preferred.
There are reasons to me why someone might want to use an annotated tag
instead of a signed tag:
- They don't have GPG set up and can't set it up with reasonable
ease (on Windows, perhaps)
- They don't have a GPG key (or forgot their passphrase) and they
need to get something tagged
- They are tagging an old version on behalf of someone else
For releases I think we want to strongly suggest, but not require, a
signed tag with with 'git tag -s'.
- Owen
Note: From a strategy point of view, the reason to forbid lightweight
tags, is not that they are evil, but that it's really easy to make them
because you don't know about the alternatives, and the alternatives are
better.
It also prevents the sequence
git tag show
git tag -s v3.4.5
git push --tags
from pushing a lightweight tag called 'show'.
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
