On Tue, Oct 30, 2012 at 1:34 PM, Angelo Borsotti <angelo.borsotti@xxxxxxxxx> wrote: > Hi Cris, > > I think a key in the config file of the remote repo is better than an > option on git-push for what concerns security: it allows the owner of > the remote repo to enforce the policy not to overwrite tags, which > would not be possible if any user that has push access can --force > tags. > > -Angelo Hi Angelo, Security is orthogonal to what this patch is attempting to resolve. As Kacper pointed out, you can never be sure you're not going to clobber an existing tag in the remote repo. This patch attempts to give git-push better (i.e., less surprising) semantics for tags. In other words, it's should will prevent mistakes, not provide any sort of security. So I don't think a config option is better or worse, it's just trying to solve a different problem. Thanks, Chris -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html