On Thu, May 3, 2012 at 5:51 AM, [email protected] <[email protected]> wrote: > The ArduPilot project just lost a bunch of commits in our git > repository because of this bug. A user who was not experienced with > git did a forced push of an old checkout on top of our master > repository, then other people who got the resulting pull errors tried > to fix it by doing pushes of their own. > I've sorted it out by restoring from one of my own clones and bringing > in all the missing commits I could find, but this really is just a > disaster waiting to happen with all git based projects on > code.google.com. > It is normal when running a shared git repository to prevent this like > this: > > [receive] > denyNonFastforwards = true > denyDeletes = true > > It not only prevents mistakes like what happened to us today, it is > also an important security measure. It is only a matter of time before > some malicious user rewrites the history of a project in a subtle way > to introduce a security hole. That is much harder to get away with if > you can only do fast forward pushes. > So _please_ can we get an administrative option to set the above > options on our repositories?
Star the issue so we get an idea of its relative importance. I'd (personally) like to have this option, but it's not a trivial amount of engineering work as we don't run cgit on normal storage (it's mostly custom storage). > Cheers, Tridge > > -- > You received this message because you are subscribed to the Google Groups > "Project Hosting on Google Code" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/google-code-hosting?hl=en. > -- You received this message because you are subscribed to the Google Groups "Project Hosting on Google Code" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-code-hosting?hl=en.
