On Wed, Dec 23, 2020, at 12:04 PM, Florian Weimer wrote: > Is there even meaningful two-factor authentication support for Git > pushes, anywhere? (Not just in the Fedora infrastructure.) This problem is solved by my plan: https://github.com/projectatomic/rpmdistro-gitoverlay/blob/master/doc/reworking-fedora-releng.md#unified-source-and-pr-driven-workflow For example in OpenShift our projects don't allow direct pushes to master, and merges require review from a second person. The CI bot takes care of merging, not humans. (The 2FA aspect here boils down to web authentication which is well supported) Even for projects I created upstream and am a project owner, once they reach a certain point I still try really really hard to get someone else to review and not just push things to master. _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
