github-education-resources / teachers

Join the discussion in the GitHub Education Community:
https://education.github.community

spoof commits #38

Open Drealmer opened 8 years ago

Drealmer commented 8 years ago

Hi all,

By design, each git commit carries the email of its author, and nothing prevents you from forging a commit that pretends to be from someone else.

When working on group projects, this might be problematic. Even if all students have the rights to modify anything, by changing their email address they can break stuff and blame it on somebody else. Now, the chances of this happening on purpose are really low, and the solution to this resides more on the social aspects of source control than on the technical ones, but still...

I am wondering if I can access the "push log" of a GitHub repository, in order to check who sent which commit to the server.

The other option I am aware of is signing commits with an SSH key, but I don't think it would work with the built-in Git integration of Visual Studio we are currently using (which is really convenient because it is dead simple, so I'd like to keep it that way). And also, if the repository can't be configured to reject unsigned commits this won't help much (I have to confess I have no idea if that is possible with GitHub).

Any idea? Thanks.

robertmorrispainter commented 8 years ago

Block chain technology (Bitcoin) interests me for this very reason, but I haven't had time to delve in yet. https://www.hastac.org/blogs/colemoore/2015/03/10/block-chain-futurism

JoshCheek commented 8 years ago

Even if you could access the push log, it doesn't necessarily mean much. Since git is decentralized, they could merge from each other's repositories (e.g., more than one remote repository), at which point, whichever repo you have the push-log of becomes only a subset of the history.

If this is actually a problem, then having them sign the commit is a pretty good option. Looks like git supports this already https://git-scm.com/book/en/v2/Git-Tools-Signing-Your-Work
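
Added example, not part of the thread or of any participant's code: once commits are signed as suggested above, an instructor can audit a repository by listing every commit whose author email is not backed by a valid signature from the same identity. It assumes the input comes from `git log --format='%H|%ae|%G?|%GS'`; the sample log is constructed, and requiring the signer's address to equal the author's address is an assumed policy.

```python
# Added example: audit `git log` output for commits whose author cannot be trusted.
# Produce the input with:
#   git log --format='%H|%ae|%G?|%GS'
# %ae = author email (self-asserted), %G? = signature status, %GS = signer identity.
import re

# Constructed sample output; hashes, names and addresses are made up.
SAMPLE_LOG = """\
a1b2c3d|alice@example.edu|G|Alice Example <alice@example.edu>
b2c3d4e|bob@example.edu|N|
c3d4e5f|alice@example.edu|G|Bob Example <bob@example.edu>
d4e5f6a|carol@example.edu|B|Carol Example <carol@example.edu>
e5f6a7b|bob@example.edu|E|
"""

# Meaning of the %G? codes that do not count as a valid signature.
REJECT = {
    "N": "no signature",
    "B": "bad signature",
    "E": "signature cannot be checked (missing key)",
    "X": "good signature that has expired",
    "Y": "good signature made by an expired key",
    "R": "good signature made by a revoked key",
}

def signer_email(signer):
    """Return the address inside <...>, or the whole string if there is none."""
    m = re.search(r"<([^>]+)>", signer)
    return (m.group(1) if m else signer).strip().lower()

def audit(log_text):
    """Return (commit, author_email, reason) for every commit to review."""
    findings = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        commit, author, status, signer = line.split("|", 3)
        if status in REJECT:
            findings.append((commit, author, REJECT[status]))
        elif status in ("G", "U"):
            # Valid signature: the signing key must belong to the claimed author.
            if signer_email(signer) != author.strip().lower():
                findings.append((commit, author, "signed by " + signer_email(signer)))
        else:
            findings.append((commit, author, "unknown status " + status))
    return findings

if __name__ == "__main__":
    for commit, author, reason in audit(SAMPLE_LOG):
        print(f"{commit}  {author}: {reason}")
```

The third sample commit is the case the thread worries about: the signature is valid, but it was made by a different student than the one named as author.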