With 678 members in the jenkinsci organisation, we're probably
relatively exceptional; I can't imagine GitHub have much incentive to
implement the type of fine-grained force-push permissions we would need.
Plus I think even with the number of members we have, git accidents are
very rare, i.e. it's likely easier to fix mistakes in git, than to
maintain a big set of permissions for new and existing users/repos.
BTW, out of curiosity, how did you manage to force push such a large
number of repositories at the same time? :)
Regards,
Chris
On 11/10/2013 10:40 PM, Luca Milanesio wrote:
That's really pitty :-( ... force push are dangerous, especially if you
don't have control over the Git Server.
Typically recovering a force push is straightforward:
1. git reflog > look at the SHA-1 before the forced push
2. git branch -f <name> <sha-1>
But if you don't have control over the Git repo on the Server, that you
need to prevent force push to happen: unless they want everyone to buy
GH Enterprise !
I still hope GitHub will do 1. and 2. for us :-)
Luca.
On 10 Nov 2013, at 19:52, Marcus Bauer <[email protected]
<mailto:[email protected]>> wrote:
Hi,
I don't think GitHub.com <http://GitHub.com> has any possibilities for
disabling force pushes, this seems to be exclusive to GH Enterprise
<https://enterprise.github.com/help/articles/disable-force-pushes> only.
The JaCoCo repo where I initially noticed this was restored by Dominik
Stadler (centic9) few minutes ago.
Marcus
Am Sonntag, 10. November 2013 19:55:08 UTC+1 schrieb lucamilanesio:
Hi all,
I have triggered an involuntary "forced push" last night on the
list of Jenkins-CI plugins indicated below in this e-mail.
*_My apology _*
I did not realise that I actually had forced push permissions and
I do apologise for the inconvenience caused.
The operations pushed back the all the branches to around 1 month.
The history is not lost and is still on the GitHub server but on
detached branches.
*_The solution_*
*_
_*
I can raise a request to GitHub to provide the "reflog" of those
repositories and restore the branches to the point before my
forced push.
/_Alternatively the owners of those repositories can still perform
a "forced push" to restore the correct position of the branches._/
(if you would like to do so, *_please write to the mailing list so
that we do not overlap the recovery operations_*)
*_The full list_*
See below the full list of repositories impacted:
antexec-plugin.git
artifactory-plugin.git
associated-files-plugin.git
audit2db-plugin.git
audit-trail-plugin.git
backend-pull-request-greeter.git
beaker-builder-plugin.git
branch-api-plugin.git
build-flow-plugin.git
buildgraph-view.git
build-pipeline-plugin.git
build-timeout-plugin.git
buildtriggerbadge-plugin.git
bytecode-compatibility-transformer.git
ci-game-plugin.git
clearcase-plugin.git
clearcase-ucm-plugin.git
cloudbees-folder-plugin.git
cloudbees-plugin-gateway.git
cloudtest-plugin.git
clover-plugin.git
cobertura-plugin.git
collabnet-plugin.git
collapsing-console-sections-plugin.git
compact-columns-plugin.git
compress-artifacts-plugin.git
conditional-buildstep-plugin.git
config-file-provider-plugin.git
configurationslicing-plugin.git
copyartifact-plugin.git
copy-project-link-plugin.git
copy-to-slave-plugin.git
cppcheck-plugin.git
credentials-plugin.git
crowd2-plugin.git
crowd-plugin.git
customtools-plugin.git
cvsclient.git
cvs-plugin.git
dashboard-view-plugin.git
datical-db-plugin.git
dependency-check-plugin.git
deploy-plugin.git
disable-failed-job-plugin.git
disk-usage-plugin.git
doclinks-plugin.git
dry-plugin.git
dynamic-axis-plugin.git
ec2-plugin.git
elastic-axis-plugin.git
email-ext-plugin.git
envinject-lib.git
envinject-plugin.git
extended-choice-parameter-plugin.git
extra-columns-plugin.git
extras-executable-war.git
extreme-feedback-plugin.git
gearman-plugin.git
gerrit-trigger-plugin.git
gitbucket-plugin.git
git-chooser-alternative-plugin.git
git-client-plugin.git
git-plugin.git
global-build-stats-plugin.git
global-variable-string-parameter-plugin.git
gradle-jpi-plugin.git
grails-plugin.git
greenballs-plugin.git
groovy-postbuild-plugin.git
heavy-job-plugin.git
hockeyapp-plugin.git
http-request-plugin.git
humbug-plugin.git
instant-messaging-plugin.git
integrity-plugin.git
ironmq-notifier-plugin.git
ivytrigger-plugin.git
jacoco-plugin.git
jclouds-plugin.git
jira-plugin.git
jobConfigHistory-plugin.git
job-dsl-plugin.git
job-import-plugin.git
job-poll-action-plugin.git
jquery-plugin.git
jquery-ui-plugin.git
json-lib.git
kiuwan-plugin.git
label-verifier-plugin.git
ldap-plugin.git
leiningen-plugin.git
lib-annotation-indexer.git
lib-task-reactor.git
lib-windows-remote-command.git
literate-cli.git
logfilesizechecker-plugin.git
m2release-plugin.git
m2-repo-reaper-plugin.git
mailer-plugin.git
matrix-auth-plugin.git
maven-hpi-plugin.git
maven-info-plugin.git
mercurial-plugin.git
mesos-plugin.git
metadata-plugin.git
mock-security-realm-plugin.git
msbuild-plugin.git
naginator-plugin.git
nerrvana-plugin.git
nested-view-plugin.git
next-build-number-plugin.git
next-executions-plugin.git
parameterized-trigger-plugin.git
perforce-plugin.git
performance-plugin.git
persona-plugin.git
pitmutation-plugin.git
plain-credentials-plugin.git
plugin-compat-tester.git
postbuildscript-plugin.git
promoted-builds-plugin.git
prqa-plugin.git
publish-over-cifs-plugin.git
puppet-jenkins.git
radiatorview-plugin.git
rapiddeploy-plugin.git
release-plugin.git
repo-plugin.git
rich-text-publisher-plugin.git
robot-plugin.git
run-condition-plugin.git
rvm-plugin.git
scm2job-plugin.git
scm-api-plugin.git
scoring-load-balancer-plugin.git
script-scm-plugin.git
selenium-axis-plugin.git
selenium-builder-plugin.git
selenium-tests.git
skype-im-plugin.git
skytap-cloud-plugin.git
smartfrog-plugin.git
sms-plugin.git
sounds-plugin.git
ssh-agent-plugin.git
ssh-credentials-plugin.git
sshd-module.git
ssh-slaves-plugin.git
starteam-plugin.git
stashnotifier-plugin.git
subversion-plugin.git
suppress-stack-trace-plugin.git
swarm-plugin.git
synergy_scm-plugin.git
tap-plugin.git
teamconcert-plugin.git
testlink-plugin.git
tfs-plugin.git
thin-backup-plugin.git
throttle-concurrent-builds-plugin.git
tikal-multijob-plugin.git
timestamper-plugin.git
token-macro-plugin.git
transifex-plugin.git
translation-plugin.git
trilead-ssh2.git
unity3d-plugin.git
veracode-scanner-plugin.git
view-job-filters-plugin.git
virtualbox-plugin.git
vsphere-cloud-plugin.git
vstestrunner-plugin.git
walldisplay-plugin.git
warnings-plugin.git
weblogic-deployer-plugin.git
winstone.git
wix-plugin.git
ws-cleanup-plugin.git
xcode-plugin.git
xstream.git
xtrigger-lib.git
xunit-plugin.git
xvfb-plugin.git
xvnc-plugin.git
*_The prevention_*
Can we prevent this to happen again ?
I personally do not work on any of those repositories but still
have "forced push" permissions ... and so many other people have.
I don't see the value of having such power of "potential
disruption" associated to my account :-( ... can we remove the
forced push by default and enable on a case-by-case basis ?
--- * ---
If you would like to propose an alternative approach to resolve
the problem, feel free to follow-up !
... and again ... accept my sincere apologies :-(
Luca.
--
You received this message because you are subscribed to the Google Groups "Jenkins
Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.
