On Fri, 3 Mar 2023 at 02:24, <rsbecker@xxxxxxxxxxxxx> wrote: > the core.user and core.email are associated with a nameless single sign on (SSO), or tokenized user, in order to be compliant from a regulatory standpoint. This includes GDPR in Europe and the Privacy Act in Canada. In these cases, there is no identifying information in the commit itself, but externally in the organization's HR and IT departments where identifying information is tightly controlled. I wish git would make this a core feature. I think it is one of the few oversights in the core design of git that there isn't a built indirection on author and committer data. It should be possible to "forget" an author or committer without having to rewrite the repo. IMO, one day in the future this design deficiency will cause some very expensive remedial work in the git space, and IMO it is only a question of when, but sods law says it will be at some very inconvenient time. It really should be technically simple to remedy as well, replacing author and committer data with a hash or ID which is used to indirect into a file of author information that is *not* version controlled would essentially solve it. If someone wanted to change their name they would update the file, if they wanted to be forgotten they could simply delete that line from the file and push it. While not a 100% complete solution it would go a LONG way to address most people's privacy concerns and other practical identity management concerns (eg, "my email changed"). The .mailmap support is just a bandaid, it doesn't actually address the core problem and in fact in some ways it makes it worse. If git provided support for hooking the id lookups then queries to resolve the ID or names could be made to a third party software or service, like an open source service for the public, or an internal service owned by HR in the corporate context. It isn't rocket science, it just requires recognition that names are not static identifiers. cheers, Yves
