Removing tags in git

Jannis Pohlmann jannis at xfce.org
Mon Nov 2 13:28:02 CET 2009 

On Mon, 2 Nov 2009 11:42:04 +0100
Nick Schermer <nickschermer at gmail.com> wrote:

> During the last exo release I added an invalid tag (well not entirely
> invalid, but i did a pull --rebase before pushing, so the hash the tag
> points to is not visible, when you click the tag in git the tarball
> still contains the correct data). So I tried removing the tag with git
> push origin :refs/tags/exo-0.5.1, but it seems this is not allowed by
> our rules.
> Talked about that with Jannis and he confirmed this was blocked on
> purpose, but he couldn't remember why exactly.
> 
> So, why is removing tags not allowed? It seems to be normal to me to
> correct mistakes like this or are there technical reasons?

The reason is explained in the man page of git-tag:

  On Re-tagging
      What should you do when you tag a wrong commit and you would
      want to re-tag?

      If you never pushed anything out, just re-tag it. Use "-f" to
      replace the old one. And you're done.

      But if you have pushed things out (or others could just read your
      repository directly), then others will have already seen the old
      tag. In that case you can do one of two things:

       1.  The sane thing. Just admit you screwed up, and use a
       different name. Others have already seen one tag-name, and if
       you keep the same name, you may be in the situation that two
       people both have "version X", but they actually have different
       "X"'s. So just call it "X.1" and be done with it.

       2.  The insane thing. You really want to call the new version
       "X" too, even though others have already seen the old one. So
       just use git-tag -f again, as if you hadn't already published
       the old one. However, Git does not (and it should not) change
       tags behind users back. So if somebody already got the old tag,
       doing a git-pull on your tree shouldn't just make them
       overwrite the old one.

      If somebody got a release tag from you, you cannot just change
      the tag for them by updating your own one. This is a big
      security issue, in that people MUST be able to trust their
      tag-names. If you really want to do the insane thing, you need
      to just fess up to it, and tell people that you messed up. You
      can do that by making a very public announcement saying:

          Ok, I messed up, and I pushed out an earlier version tagged
          as X. I then fixed something, and retagged the *fixed* tree
          as X again.

          If you got the wrong tag, and want the new one, please delete
          the old one and fetch the new one by doing:

                  git tag -d X
                  git fetch origin tag X

          to get my updated tag.

          You can test which tag you have by doing

                  git rev-parse X

          which should return 0123456789abcdef.. if you have the new
          version.

          Sorry for inconvenience.

      Does this seem a bit complicated? It should be. There is no way
      that it would be correct to just "fix" it behind peoples backs.
      People need to know that their tags might have been changed.

So, the best way probably is to retag 0.5.1 with 0.5.1.1 or 0.5.1-proper
or something. Opinions?

  - Jannis
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <http://mail.xfce.org/pipermail/xfce4-dev/attachments/20091102/f4245039/attachment.pgp>

More information about the Xfce4-dev mailing list