User Details
- User Since
- Mar 27 2017, 4:48 PM (404 w, 2 d)
- Availability
- Available
Nov 23 2016
Oct 31 2016
Jan 21 2015
That's fine... or just make the wording in the man page more clear. Under
--verify, it talks about using --output with cleartext signed data. That seemed
to imply (to me) that --output is used _with_ --verify. I think it should be
clearer that --output is to be used _without_ --verify or that --output has no
effect when using --verify.
So this could be treated as just a documentation bug rather than create yet
another new option.
For what it's worth, I don't think backward compatibility is an important
concern here. If someone was using --output with --verify before, they likely
were under the impression that the combination worked when in reality the two
options together just weren't a valid combination. It seems unlikely that
anyone would depend on --output being ignored when used with --verify, and so
making the combination work now should not cause legitimate compatibility problems.
If the combination of --output with --verify is not made to work, there should
probably be a warning emitted (in addition to fixing the documentation).
In summary, it seems to me that viable options are at least the following:
- make --output work with --verify (possibly bad for compatibility reasons in
the rare use case of someone depending on current behavior of the currently
invalid combination)
- fix man page in the --verify section - specifically, clarify the text
discussing using --output
- add some new option
- warn if an invalid combination of options exists (e.g., --verify with
--current in the current implementation <= 2.1.1)
These are not necessarily exclusive choices.
I guess I would prefer to allow the combination to work or warn and fix the
docs. Not as keen to add yet another new option - there's already a lot.
I can work up a patch if we can settle on a direction.