On Thu, Mar 4, 2010 at 10:00 PM, John Tapsell <johnflux@xxxxxxxxx> wrote: > On 5 March 2010 02:03, Avery Pennarun <apenwarr@xxxxxxxxx> wrote: >> modified code would be a little more interesting. git makes this sort >> of thing pretty much impossible to do without it being *noticeable* at >> least. Traceable, not so much, because you can create a commit with >> whatever committer/author names you want and then push them in. > > Which is why you simply record the username of whoever pushed them in. > This is what gitorious.org does etc. Not bad, but it's still very hard to trace properly. Imagine I pull from a peer, then push my combined branch into the central repo. It'll say I'm pushing in patches from me *and* my friend. Did I forge them or are they real? Avery -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html