nwb-schema icon indicating copy to clipboard operation
nwb-schema copied to clipboard
verified publisher icon NeurodataWithoutBorders

Consider using annotated and/or signed tags

Open yarikoptic opened this issue 6 years ago • 2 comments 

(git)lena:~exppsy/pynwb-upstream/src/pynwb/nwb-schema[tags/2.2.0~42]git
$> git describe
fatal: No annotated tags can describe '3939e3525c89a15ab81f26871db844c0d3f062c2'.
However, there were unannotated tags: try --tags.

$> git describe --tags
2.1.0-4-g3939e35

$> git tag
2.0.1
2.1.0
2.2.0
2.2.1

The problem is that those tags are not "proper" tags (separate git object with description etc) but lightweight tags, so not used by git describe by default. Unfortunately that is how github git tags the releases, since they contain metadata (description etc) separately, not in git.

Optimal IMHO strategy is to

  • use git tag -a or even git tag -s locally to create proper annotated git tags
    • I usually copy/paste changelog for the release
  • git push --tags (or just git push TAG if only one) to github
  • go to releases, click "Edit" on that tag, and "Save" so github picks up the information from git tag annotation.

E.g. here is our releases for datalad created in a similar fashion: https://github.com/datalad/datalad/releases

yarikoptic avatar Jan 27 '20 19:01 yarikoptic

I'm never using annotated tags myself only lightweight tags. So why is passing --tags to git describe not feasible. Especially if it is the github default?

t-b avatar Jan 27 '20 19:01 t-b

So why is passing --tags to git describe not feasible.

it is "feasible". It is a matter of using the tool as it was intended/envisioned to make most use of it. Whenever I want to describe I just use git describe first without any options. I think the reason why git describe does not by default (without --tags) use lightweight tags is that then you could use annotated tags for "important" states (releases etc), while lightweight for throw away/intermediate tags (although I must confess I do not use them that often). But I had cases where in some projects git describe --tags would hit some intermediate lightweight tags, not release ones. Then whenever release ones are not annotated as well -- I was doomed to use --match option to restrict to the release ones... so time was wasted. But it could be for other reasons (they are the ones with author info, time/date, etc), see e.g. https://stackoverflow.com/questions/4971746/why-should-i-care-about-lightweight-vs-annotated-tags whenever lightweight ones have no metadata attached (so cannot be signed to verify legitimacy etc),

yarikoptic avatar Jan 28 '20 00:01 yarikoptic

Annotated, signed git tags were added with the PR mentioned above.

stephprince avatar May 13 '24 17:05 stephprince