On Thu, May 17, 2012 at 4:17 AM, Jones, Brian P CTR SPAWARSYSCEN-PACIFIC, 63600 <brian.p.jones4.ctr@xxxxxxxx> wrote: > I am working towards git adoption on a project. One of the concerns is the fear that git history is not guaranteed to be time safe. How can I configure a git repository so users cannot push or pull changes into it that change it's history? This includes keeping users who work directly in the repository from doing a rebase. > > I've found... > http://stackoverflow.com/questions/2085871/strategy-for-preventing-or-catching-git-history-rewrite > > Which recommends setting... > > git config --system receive.denyNonFastforwards true > git config --system receive.denyDeletes true > > ...Is this enough to guarantee time safe history? Yes. If you want something more fine-grained, you should consider using gitolite. For example you could say that only the master branch, and tags whose names start with "v" followed by a digit (followed by anything else) should be so protected, and that the other stuff can be rewound if someone wants to. http://sitaramc.github.com/gitolite/why.html shows you a couple of simple use cases for gitolite, although it does not explicitly address your situation. -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html