gittuf / gittuf

A security layer for Git repositories
https://gittuf.dev
Apache License 2.0
439 stars 28 forks

gittuf must support a mismatch in remote and local refs #413

Open adityasaky opened 1 month ago

adityasaky commented 1 month ago

Add a description

gittuf assumes that a local branch and the remote equivalent of the branch have the same name. This may not be the case, as the refspec allows for specifying a source and destination name (src:dst).

When creating an RSL entry, gittuf ought to support recording the dst ref name in the entry while reading the tip from the src ref name. This would entail an enhancement to gittuf rsl record.

When verifying an RSL entry, gittuf ought to support specifying the local name of the ref being verified (which matches what's in the entry). Thus, at the very end, when gittuf inspects the tip of the local reference to see if it matches the latest valid entry for the ref, the explicitly specified local ref name would be used.

adityasaky commented 1 month ago

This came up in #411. At the transport layer, we have access to the refspec that is being pushed, and we use it to create RSL entries for each updated ref.
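
A sketch of the behaviour this issue asks for, added here as an illustration and not taken from gittuf's code base: the tip is read from the refspec's src ref, the dst name is what gets recorded, and verification checks an explicitly named local ref. `Entry`, `ParsePushRefspec`, `Record` and `VerifyTip` are hypothetical names, local refs are modelled as a map, and ref names are assumed to be fully qualified as they would be at the transport layer.

```go
package main

import (
	"fmt"
	"strings"
)

// Entry is a hypothetical stand-in for an RSL reference entry.
type Entry struct {
	RefName  string // name recorded in the RSL: the refspec's dst
	TargetID string // commit ID read from the refspec's src
}

// ParsePushRefspec splits "[+]src[:dst]" into its source and destination names.
func ParsePushRefspec(spec string) (string, string, error) {
	src, dst, hasDst := strings.Cut(strings.TrimPrefix(spec, "+"), ":")
	if !hasDst {
		dst = src // no colon: local and remote names are the same
	}
	if src == "" || dst == "" {
		return "", "", fmt.Errorf("refspec %q has no tip to record", spec)
	}
	return src, dst, nil
}

// Record reads the tip from the local src ref but records the dst name.
func Record(localRefs map[string]string, spec string) (Entry, error) {
	src, dst, err := ParsePushRefspec(spec)
	if err != nil {
		return Entry{}, err
	}
	tip, ok := localRefs[src]
	if !ok {
		return Entry{}, fmt.Errorf("local ref %s not found", src)
	}
	return Entry{RefName: dst, TargetID: tip}, nil
}

// VerifyTip compares the tip of the explicitly named local ref with the latest entry.
func VerifyTip(localRefs map[string]string, latest Entry, localName string) bool {
	tip, ok := localRefs[localName]
	return ok && tip == latest.TargetID
}

func main() {
	local := map[string]string{"refs/heads/feature": "c0ffee01"} // constructed sample state
	e, err := Record(local, "refs/heads/feature:refs/heads/main")
	fmt.Println(e, err, VerifyTip(local, e, "refs/heads/feature"))
}
```

Looking up the recorded name (`refs/heads/main`) in the local map fails here, which is the mismatch the issue describes when the local and remote names are assumed to be equal.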