Hi, On Mon, 15 Jan 2007, Andy Parkins wrote: > As an example of why this would be useful: let's say we have a developer > committing to a maintainer repository who then merges those changes into > mainline and pushes up to the central repository (like what happens with > Linux). The commits to the central repository are made using the ssh > login of the maintainer, but they are adding commits by someone else. > What if that someone else isn't allowed to commit to the central? With > signed commits the option is available to exclude them. IMHO the thinko is the old CVS one. With git we _discourage_ a central repository where everybody pushes into. We _encourage_ local repositories, which are controlled by _one_ person. If you need a central repository with one "official" version, then designate a release officer. This officer is responsible to keep the repository clean. And I _guarantee_ you that she can tell where she pulled bad commits from: it is written down in the "Merge from" message. And BTW you have no option to exclude unsigned commits when pushing to a repository. It is either all in or all out. Ciao, Dscho - To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html