At 22:52 +0000 11 Jun 2020, "brian m. carlson" <sandals@xxxxxxxxxxxxxxxxxxxx> wrote:
On 2020-06-11 at 21:25:45, Shreya Malviya wrote:

My question: It would be much easier if git didn't allow changing the email address so easily. Why hasn't git implemented OAuth, or something of that sort, for every time that the email address is changed in ~/.gitconfig, yet?

This is a local configuration file, so asking someone to implement OAuth to change a local configuration file wouldn't be helpful. Many Git servers are, for example, SSH only, and so OAuth isn't even a possibility.

Beyond that, even if git *did* somehow provide strong authentication of the configured email address for commits, it's open source software so people could still quite easily disable that authentication to spoof commits as other people. They could also use some other software (possibly that they write themselves) that manipulates a repository without doing that authentication.
While the data is entirely on an untrusted system (however you want to define trusted), the operator of that system will always be able to manipulate that data.
The alternative to this would be to require all commits to be cryptographically signed. But most projects consider that to be too much of a burden. After all, that only covers who made the changes, while for many things the content of the changes is much more important.
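
The distinction drawn in this thread, as an added example that is not part of any of the messages above: the author email on a commit is unauthenticated metadata, so a policy check has to look at signature status rather than at the name or address. The repository, identity and function names below are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: author/committer identity is plain metadata; only a
# verified signature ties a commit to a key. All names are constructed.

# Create a throwaway repository holding one unsigned commit whose author
# is whatever the environment claims. Prints the repository path.
make_demo_repo() {
    local repo
    repo=$(mktemp -d) || return 1
    git init -q "$repo" || return 1
    GIT_AUTHOR_NAME="Example Maintainer" \
    GIT_AUTHOR_EMAIL="maintainer@example.org" \
    GIT_COMMITTER_NAME="Example Maintainer" \
    GIT_COMMITTER_EMAIL="maintainer@example.org" \
    git -C "$repo" -c commit.gpgsign=false \
        commit -q --allow-empty -m "constructed commit" || return 1
    printf '%s\n' "$repo"
}

# List commits in a revision range that do not carry a good signature.
# %G? is git's signature status: G = good, N = none, B = bad, E = cannot
# be checked, and so on. Output: "<status> <hash> <author email>".
unverified_commits() {
    local repo range
    repo=$1
    range=${2:-HEAD}
    git -C "$repo" log --format='%G? %H %ae' "$range" | awk '$1 != "G"'
}

# Exit status 0 only when every commit in the range has a good signature,
# so it can gate a CI job or be called from a server-side hook.
require_signed() {
    [ -z "$(unverified_commits "$@")" ]
}

# Demo: the commit carries a plausible author address but no signature.
demo_repo=$(make_demo_repo)
unverified_commits "$demo_repo"
require_signed "$demo_repo" || echo "policy: commits without a good signature"
rm -rf "$demo_repo"
```

The check only reports whether a good signature is present; which keys count as trusted is decided by the verifier's keyring, not by anything stored in the commit.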