Jay Soffian <jaysoffian@xxxxxxxxx> wrote: > On Thu, Apr 15, 2010 at 8:39 PM, Brendan Miller <catphive@xxxxxxxxxxxx> wrote: > > Let's say you have a bare git repository writeable by a number of > > different people. How do you prevent them from borking the central > > repository? > > Depends what you mean by borking, but you might consider starting with > reading the "git config" man page for the following entries: > > - receive.denyDeletes > - receive.denyNonFastForwards > > > Also, is there an automated mechanism to ensure that the timeline > > stays clean? Say, force people to rebase their repositories before > > merging into the shared repository? > > In order to prevent merges, you will need to use a a receive-pack hook such as: > > http://lists.gnu.org/archive/html/bug-gnulib/2008-10/msg00221.html > > You might also consider something like gitosis/gitolite/gerrit > depending upon how formal you want to be. I think his only choice is to install a gitosis/gitolite/gerrit solution. Basically he needs to completely remove write access to the repository, so developers can't muck with it directly. That requires one of those 3 tools to provide secured proxy access. On top of those, yea, you would then also want to configure the receive.denyDeletes and denyNonFastForwards you mentioned above, as well as maybe also write a custom update or pre-receive hook to prevent merges from entering the repository. Though preventing merges is a bit pedantic. Eventually you'll want to use a merge rather than a rebase (e.g. merge in a maintenance branch to pick up its bug fixes into the main development trunk). -- Shawn. -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html