Hi, I'd like to ask whether anyone has best practices for achieving GDPR compliance for git repos? The GDPR will come into effect in the EU next month. In particular, how do you cope with the "Right to erasure" concerning entries in the history of your git repos? Erasing author names from the history changes the commit hashes. It is well known that this leads to a lot of problems. So I don't consider this a workable solution. And how do you justify publishing your employee's name/email as part of a git commit under GDPR rules in the first place? github has the following page mentioning the "Right to erasure" but AFAICS nothing about how it will be implemented https://about.gitlab.com/gdpr/ Here are discussions I found but they do not really provide a solution: https://law.stackexchange.com/questions/24623/gdpr-git-history https://news.ycombinator.com/item?id=16509755 Best wishes Peter -- Peter Backes, rtc@xxxxxxxxxxxxxxxxxxx
