I am trying to set up a shared git repository via ssh, copying users' public keys to the authorized_keys. I'd really like the "username" from the ssh-key to be part of the commit history in the repo (so that the user "joe" cannot just set his name to be "kate" - we need some kind of accountability). Is there any way to do this?
That won't work with the decentralized nature of git. Imagine joe merges kate's development branch. There are commits from joe and kate in his local clone now:
* joe: Merge branch 'kate'
|\
| * joe: update foo
* | kate: fix test
* | kate: add test
|/
* joe: initial commit
If joe pushes to the central repository now, and you are enforcing the username, kate's commits would be attributed to joe.
Simply, no, there is no way. The reason is that the author and committer details are set when a commit is made and this usually happens locally. A git push happens at a later time to push existing commits to the remote repository. Because the commits are already made and referenced by SHA1 hash, they cannot be altered during a push operation.
What you might consider doing is having a pre-receive or update hook that prevents people from pushing commits that they haven't authored, but this might prevent a lot of legitimate uses. You may find that trusting your users is the only sensible option.
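One way to write the pre-receive hook suggested in the answer above, as an added example that is not part of the original thread: it rejects a push if any newly introduced commit carries a committer email other than the pusher's. It assumes the SSH layer exports the authenticated user's email as `PUSHER_EMAIL` (a hypothetical variable, set per key, for instance by a forced command in authorized_keys); the function names are illustrative too.

```shell
#!/bin/sh
# Added example: pre-receive hook that ties commits to the SSH-authenticated pusher.
# Assumption: PUSHER_EMAIL (hypothetical name) is exported per SSH key.

# Filter: read "<sha> <committer-email>" lines, print those not committed by $1.
foreign_commits() {
    want=$1
    while read -r sha email; do
        [ "$email" = "$want" ] || printf '%s %s\n' "$sha" "$email"
    done
}

# Commits reachable from the pushed tip that no existing ref contains yet.
new_commits() {
    git log --format='%H %ce' "$1" --not --all
}

# Read "<old> <new> <ref>" updates on stdin (the pre-receive protocol);
# return non-zero if any update brings in a commit by someone else.
check_push() {
    pusher=$1
    status=0
    while read -r old new ref; do
        # An all-zero new id is a ref deletion: no commits to inspect.
        case $new in *[!0]*) ;; *) continue ;; esac
        bad=$(new_commits "$new" | foreign_commits "$pusher")
        if [ -n "$bad" ]; then
            echo "rejected $ref: commits not committed by $pusher:" >&2
            echo "$bad" >&2
            status=1
        fi
    done
    return "$status"
}

# Run only when installed as hooks/pre-receive; fail closed if identity is missing.
case ${0##*/} in
    pre-receive) check_push "${PUSHER_EMAIL:?PUSHER_EMAIL not set}" ;;
esac
```

With the history from the first answer, joe's push is rejected whenever kate's two commits are not yet in the central repository, because they carry her committer email; that is the cost to legitimate uses the answer warns about.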
On GitHub every user has his own server-side git repository. Maybe you could allow users only to push to there, and you would have an admin pulling into the "official" repository? This way, there is full traceability and accountability. You also will have a moderator with the ultimate responsibility.