On Wed, Jun 25, 2014 at 10:42:49AM -0700, Junio C Hamano wrote: > Nico Williams <nico@xxxxxxxxxxxxxxxx> writes: > > > On Tue, Jun 24, 2014 at 6:09 AM, Theodore Ts'o <tytso@xxxxxxx> wrote: > > ... > >> This seems pretty close to what we have with signed tags. When I send > >> a pull request to Linus, I create a signed tag which createscontains a > >> message about a set of commits, and this message is automatically > >> included in the pull request message generated with "git > >> request-pull", and when Linus merges my pull request, the > >> cryptographically signed tag, along with the message, date of the > >> signature, etc., is preserved for all posterity. > > > > Thanks for pointing this out. Signed tags are objects -- that's a > > clear and strong precedent.. > > Sounds as if you are interpreting what Ted said as a supporting > argument for having branches as separate type of objects, but the > way I read it was "signed tags are sufficient for what you want to > do; adding a new "branch" type does not make much sense at this > point". Yes, that's what I was saying. If you want to record a reliable "who pushed this" (or "who requested this to be pulled"), you really want to use a GPG signature, since otherwise the identity of the pusher can be completely faked --- especially if the you have a tiered system where you have sub-maintainers in the mix. So if you want any kind of auditability long after the fact, you want digital signatures, and so a signed tag maps exactly to what you want --- modulo needing a standardized "Linus Torvalds" bot. But the nice thing about creating such an automated pull request processing system is that it doesn't require making any changes to core git. If you insist that it has to be done via a "git push", I suspect it wouldn't be that hard to add changes to Gerrit (which already has an concept of access control which ssh keys are allowed to push a change), and extended it to include a hook that validated whether the push included a signed tag. Again, no core changes needed to git, or to the repository format. - Ted -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html