tools: fix release script on macOS 10.12#8824
Conversation
MylesBorins commented Sep 28, 2016
I'd like to verify that this doesn't break support for subkeys... as this code has been fragile to that before |
jasnell left a comment
jasnell left a comment There was a problem hiding this comment.
Changes LGTM but I agree with @thealphanerd that we'll want to test this a bit more before landing
evanlucas commented Oct 12, 2016
/cc @Fishrock123 and @rvagg any opinion on this? |
rvagg commented Oct 12, 2016
I think this might be from a new version of git, or perhaps gnupg, I'm noticing now on 10.10 that it comes out saying "using RSA key ..." with "key ID" nowhere to be found! I'd still be more comfortable limiting the text a tiny bit more, perhaps just inserting a |
rvaggforce-pushed the master branch 2 times, most recently from c133999 to 83c7a88Compareevanlucas commented Oct 19, 2016
@rvagg the reason I switched it around was because more of the key is now shown in the newer versions. Here is an example to show what I mean: Before: After: So the |
rvagg commented Oct 19, 2016
@evanlucas what I meant was, inserting a grep for the word "key" as well, probably not really a material change though. @thealphanerd just got caught by this for v6.9.1 so we should get it merged and backported to v7, v6 and v4. |
Previously, we were relying on the output of gpg from git tag -v to verify that the key selected by the releaser is the key that was used to sign the tag. This output can change depending on the version of git being used. Now, we just check that the output of git tag -v contains the key selected. Fixes: nodejs#8822
evanlucas commented Oct 19, 2016
@rvagg ah sorry. Updated. PTAL |
rvagg commented Oct 20, 2016
lgtm |
Previously, we were relying on the output of gpg from git tag -v to verify that the key selected by the releaser is the key that was used to sign the tag. This output can change depending on the version of git being used. Now, we just check that the output of git tag -v contains the key selected. Fixes: #8822 PR-URL: #8824 Reviewed-By: James M Snell <[email protected]> Reviewed-By: Rod Vagg <[email protected]>
jasnell commented Oct 20, 2016
Landed in 6845d6e |
Previously, we were relying on the output of gpg from git tag -v to verify that the key selected by the releaser is the key that was used to sign the tag. This output can change depending on the version of git being used. Now, we just check that the output of git tag -v contains the key selected. Fixes: #8822 PR-URL: #8824 Reviewed-By: James M Snell <[email protected]> Reviewed-By: Rod Vagg <[email protected]>
Previously, we were relying on the output of gpg from git tag -v to verify that the key selected by the releaser is the key that was used to sign the tag. This output can change depending on the version of git being used. Now, we just check that the output of git tag -v contains the key selected. Fixes: #8822 PR-URL: #8824 Reviewed-By: James M Snell <[email protected]> Reviewed-By: Rod Vagg <[email protected]>
Previously, we were relying on the output of gpg from git tag -v to verify that the key selected by the releaser is the key that was used to sign the tag. This output can change depending on the version of git being used. Now, we just check that the output of git tag -v contains the key selected. Fixes: #8822 PR-URL: #8824 Reviewed-By: James M Snell <[email protected]> Reviewed-By: Rod Vagg <[email protected]>
5 participants
Checklist
Affected core subsystem(s)
tools
Description of change
Previously, we were relying on the output of gpg from git tag -v to
verify that the key selected by the releaser is the key that was used
to sign the tag. This output can change depending on the version of git
being used. Now, we just check that the output of git tag -v contains
the key selected.
Fixes: #8822
/cc @nodejs/release