Git noob here.
I know this is against the principal of "distributed source control" but I want to "password protect" certain development branches in my GIT repository. That is, I don't want that branch to be available via git branch -r, except to a certain group of developers who need access to that branch, via some sort of password.
Possible?
Why not make a separate git repository and allow only you and that certain group of developers access (this can be accomplished using gitosis)?
And if you are not already using gitosis, I suggest you do so.
I don't think this is possible. It would make things like merging near impossible since git needs to know about the branches in order to make a merge. Consider the situation where one of your trusted developers merge something from the hidden branch to your main branch. Then a non-trusted developer tries to merge his changes -> how would you resolve the conflicts?
But it's simple to get what you want: just have a separate repository and use that as a "branch" since merging from a different repository is about as easy as merging a branch in the same repository.
You can have a separate repository cloned from the public one with its own branches.
This repository could be in the filesystem with the right ACLs or group permissions, or it could be a separate server requiring proper login credentials, etc. Then developers could commit, pull, merge, etc. as authorized.