On Wed, Jul 06, 2022 at 04:37:07PM +0200, Stefan Sperling wrote:
> On Wed, Jul 06, 2022 at 09:22:28AM -0400, Josh Rickmar wrote:
> > Yeah, seems reasonable.  It should also skip if built with OpenSSH
> > version 8.7.  From https://lore.kernel.org/git/xmqq8rxpgwki.fsf@gitster.g/:
> > 
> >  * In addition to GnuPG, ssh public crypto can be used for object and
> >    push-cert signing.  Note that this feature cannot be used with
> >    ssh-keygen from OpenSSH 8.7, whose support for it is broken.  Avoid
> >    using it unless you update to OpenSSH 8.8.
> > 
> > I'm not aware of a way to test for this support from Git itself.  I
> > guess we'll have to parse the version strings? :(
> > 
> > 
> 
> Either check version strings (yes, it's ugly), or do a feature test:
> 
> Try to create an SSH-signed tag with Git, and if that fails assume
> support for it is nonexistent or broken.
> Git has its own test suite, we can assume that their releases don't
> fail for unrelated reasons when we do this sort of check.

Just to be clear, I did not intend my question about a test tweak to
block your fix. It would be good to get the fix merged to main and
then into -portable. If tests are failing just because the version of
Git is too old, that is not a blocking issue.