On Monday 2007 January 15 10:56, Shawn O. Pearce wrote: > You can't just clip commits out during a push! Are you going to > reject the push because the trusted SSH-logged in maintainer has > pulled in changes from elsewhere and has decided that they are good > enough for inclusion? Yes. What about this set of repositories Central - Maintainer - Lieutenant - Subsystem Maintainer - Idiot - Vandal While I'm not saying that it should be mandatory, I do think that the central repository should have an optional way of stopping the vandal using the idiot's repository to push unnoticed bad changes in under somebody else's name. What about: * Vandal spends one year developing reasonable relationship with Idiot, all patches are good. Occasional big patches are pulled by Idiot. * Vandal prepares extra big series of commits, with ostensibly good functionality. In the middle of large series adds one small commit with the committer set to someone other than himself. In fact, he sets it to be someone he doesn't like. * Idiot pulls from Vandal's repository. * pull, pull, pull, push because we all trust the person we're pulling from. * Vandal's changes are now in Central. > Yes, that's very valid. But if you trust me and I've gone and > built 100 commits on top of something I got from someone else I > trust but that you don't trust, you are going to reject all of my > changes and ask that I rewrite them? That's quite paranoid. Well yes. I personally wouldn't bother, but I'm casting myself in the role of "paranoid" maintainer for this discussion. The answer is: no, you can't put your 100+X commits in my repository because I don't trust the person who wrote X of them. It is paranoid, and it is overkill, but it is also /my/ repository. It might also be that you are my employee and you will do as you are damn well told. I'm arguing that git should cater for the borderline sociopath as well as the well adjusted developer as well. After all, PHB's need version control too :-) > the author field to anything you want; indeeded I often copy in > changes from other people and mark them as the author will retaining > the committer line as myself. In the case above, it is the distributed nature of git that causes the problem, the original comitter is Idiot, but the repository that the changes use to get into central is Maintainer's. This has spiralled more than I ever intended anyway. You (and Johannes) have answered my question: namely that there isn't an easy way to do it (with a commit script) and that it's not really a major issue anyway. Andy -- Dr Andy Parkins, M Eng (hons), MIEE andyparkins@xxxxxxxxx - To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html