verify-commit: add test for exit status on untrusted signature

verify-tag exits successfully if the signature is good but the key is
untrusted.  verify-commit exits unsuccessfully.  This divergence in
behavior is unexpected and unwanted.  Since verify-tag existed earlier,
add a failing test to have verify-commit share verify-tag's behavior.

Signed-off-by: brian m. carlson <sandals@crustytoothpaste.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

diff --git a/t/t7510-signed-commit.sh b/t/t7510-signed-commit.sh
index 13331e533bf520b6f268df16f8a143b8661a1c72..4fc376edb6a904f36cc25ae715024a7af5396041 100755 (executable)
--- a/t/t7510-signed-commit.sh
+++ b/t/t7510-signed-commit.sh
@@ -81,6 +81,13 @@ test_expect_success GPG 'verify and show signatures' '
        )
 '
 
+test_expect_failure GPG 'verify-commit exits success on untrusted signature' '
+       git verify-commit eighth-signed-alt 2>actual &&
+       grep "Good signature from" actual &&
+       ! grep "BAD signature from" actual &&
+       grep "not certified" actual
+'
+
 test_expect_success GPG 'show signed commit with signature' '
        git show -s initial >commit &&
        git show -s --show-signature initial >show &&