Skip to content

Instantly share code, notes, and snippets.

@jettero
Created August 29, 2019 14:22
Show Gist options
  • Save jettero/6c2c7d2febdfd4a05856abaec3f4b996 to your computer and use it in GitHub Desktop.
Save jettero/6c2c7d2febdfd4a05856abaec3f4b996 to your computer and use it in GitHub Desktop.
shell scirpt to list git tags along with their description and an annotation indicator ([t] for annotated/signed and [c] for unsigned/annotated)
#!/usr/bin/env bash
FMT=$'--pretty=format:{}%x1f%C(bold yellow) %h%C(bold blue) %ae%Creset: %s %C(bold black)%ar%Creset%n'
git tag -l | xargs -rn1 -I{} git log -1 "$FMT" {} | while read X
do commit="$(cut -d $'\x1f' -f1 <<< "$X")"
description="$(cut -d $'\x1f' -f2 <<< "$X")"
# use cat-file -t to add add [c] or [t]
#
# Wait, but why??
#
# If the tag is annotated, cat-file -t gives "tag". If the tag is signed,
# cat-file -t gives "tag" (because the signature is an annotation). If the
# tag is neither signed nor annotated, then cat-file -t gives "commit"
#
# The question we're really asking is: is this tag signed
# What we *should* be asking is: does verification of this tag check out?
# (We almost never check this, I probably don't have your signing key in my
# web of trust.)
#
# So [c] and [t] act as proxies for whether the tag is signed...
# useful? not really, except that by default git-describe considers
# annotated tags worth mentioning and non-annotated tags as not worth
# mentioning. Probably the describe folks used annotations as a proxy for
# "good" like we do.
echo "$commit [$(git cat-file -t "$commit" | colrm 2)] $description"
done
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment