> I can't imagine GitHub have much incentive to > implement the type of fine-grained force-push permissions we would need
There are fine-grained "File and branch conditions" in mercurial-server that can prevent these sorts of pushes from succeeding. [1] [1] http://dev.lshift.net/paul/mercurial-server/docbook.html#id1333360 On Sunday, November 10, 2013 4:42:53 PM UTC-6, Christopher wrote: > > With 678 members in the jenkinsci organisation, we're probably > relatively exceptional; I can't imagine GitHub have much incentive to > implement the type of fine-grained force-push permissions we would need. > > Plus I think even with the number of members we have, git accidents are > very rare, i.e. it's likely easier to fix mistakes in git, than to > maintain a big set of permissions for new and existing users/repos. > > BTW, out of curiosity, how did you manage to force push such a large > number of repositories at the same time? :) > > Regards, > Chris > > > On 11/10/2013 10:40 PM, Luca Milanesio wrote: > > That's really pitty :-( ... force push are dangerous, especially if you > > don't have control over the Git Server. > > > > Typically recovering a force push is straightforward: > > 1. git reflog > look at the SHA-1 before the forced push > > 2. git branch -f <name> <sha-1> > > > > But if you don't have control over the Git repo on the Server, that you > > need to prevent force push to happen: unless they want everyone to buy > > GH Enterprise ! > > > > I still hope GitHub will do 1. and 2. for us :-) > > > > Luca. > > > > On 10 Nov 2013, at 19:52, Marcus Bauer <[email protected] <javascript:> > > <mailto:[email protected] <javascript:>>> wrote: > > > >> Hi, > >> > >> I don't think GitHub.com <http://GitHub.com> has any possibilities for > >> disabling force pushes, this seems to be exclusive to GH Enterprise > >> <https://enterprise.github.com/help/articles/disable-force-pushes> > only. > >> > >> The JaCoCo repo where I initially noticed this was restored by Dominik > >> Stadler (centic9) few minutes ago. > >> > >> Marcus > >> > >> Am Sonntag, 10. November 2013 19:55:08 UTC+1 schrieb lucamilanesio: > >> > >> Hi all, > >> I have triggered an involuntary "forced push" last night on the > >> list of Jenkins-CI plugins indicated below in this e-mail. > >> > >> *_My apology _* > >> > >> I did not realise that I actually had forced push permissions and > >> I do apologise for the inconvenience caused. > >> The operations pushed back the all the branches to around 1 month. > >> The history is not lost and is still on the GitHub server but on > >> detached branches. > >> > >> *_The solution_* > >> *_ > >> _* > >> I can raise a request to GitHub to provide the "reflog" of those > >> repositories and restore the branches to the point before my > >> forced push. > >> /_Alternatively the owners of those repositories can still perform > >> a "forced push" to restore the correct position of the branches._/ > >> (if you would like to do so, *_please write to the mailing list so > >> that we do not overlap the recovery operations_*) > >> > >> *_The full list_* > >> > >> See below the full list of repositories impacted: > >> > >> antexec-plugin.git > >> artifactory-plugin.git > >> associated-files-plugin.git > >> audit2db-plugin.git > >> audit-trail-plugin.git > >> backend-pull-request-greeter.git > >> beaker-builder-plugin.git > >> branch-api-plugin.git > >> build-flow-plugin.git > >> buildgraph-view.git > >> build-pipeline-plugin.git > >> build-timeout-plugin.git > >> buildtriggerbadge-plugin.git > >> bytecode-compatibility-transformer.git > >> ci-game-plugin.git > >> clearcase-plugin.git > >> clearcase-ucm-plugin.git > >> cloudbees-folder-plugin.git > >> cloudbees-plugin-gateway.git > >> cloudtest-plugin.git > >> clover-plugin.git > >> cobertura-plugin.git > >> collabnet-plugin.git > >> collapsing-console-sections-plugin.git > >> compact-columns-plugin.git > >> compress-artifacts-plugin.git > >> conditional-buildstep-plugin.git > >> config-file-provider-plugin.git > >> configurationslicing-plugin.git > >> copyartifact-plugin.git > >> copy-project-link-plugin.git > >> copy-to-slave-plugin.git > >> cppcheck-plugin.git > >> credentials-plugin.git > >> crowd2-plugin.git > >> crowd-plugin.git > >> customtools-plugin.git > >> cvsclient.git > >> cvs-plugin.git > >> dashboard-view-plugin.git > >> datical-db-plugin.git > >> dependency-check-plugin.git > >> deploy-plugin.git > >> disable-failed-job-plugin.git > >> disk-usage-plugin.git > >> doclinks-plugin.git > >> dry-plugin.git > >> dynamic-axis-plugin.git > >> ec2-plugin.git > >> elastic-axis-plugin.git > >> email-ext-plugin.git > >> envinject-lib.git > >> envinject-plugin.git > >> extended-choice-parameter-plugin.git > >> extra-columns-plugin.git > >> extras-executable-war.git > >> extreme-feedback-plugin.git > >> gearman-plugin.git > >> gerrit-trigger-plugin.git > >> gitbucket-plugin.git > >> git-chooser-alternative-plugin.git > >> git-client-plugin.git > >> git-plugin.git > >> global-build-stats-plugin.git > >> global-variable-string-parameter-plugin.git > >> gradle-jpi-plugin.git > >> grails-plugin.git > >> greenballs-plugin.git > >> groovy-postbuild-plugin.git > >> heavy-job-plugin.git > >> hockeyapp-plugin.git > >> http-request-plugin.git > >> humbug-plugin.git > >> instant-messaging-plugin.git > >> integrity-plugin.git > >> ironmq-notifier-plugin.git > >> ivytrigger-plugin.git > >> jacoco-plugin.git > >> jclouds-plugin.git > >> jira-plugin.git > >> jobConfigHistory-plugin.git > >> job-dsl-plugin.git > >> job-import-plugin.git > >> job-poll-action-plugin.git > >> jquery-plugin.git > >> jquery-ui-plugin.git > >> json-lib.git > >> kiuwan-plugin.git > >> label-verifier-plugin.git > >> ldap-plugin.git > >> leiningen-plugin.git > >> lib-annotation-indexer.git > >> lib-task-reactor.git > >> lib-windows-remote-command.git > >> literate-cli.git > >> logfilesizechecker-plugin.git > >> m2release-plugin.git > >> m2-repo-reaper-plugin.git > >> mailer-plugin.git > >> matrix-auth-plugin.git > >> maven-hpi-plugin.git > >> maven-info-plugin.git > >> mercurial-plugin.git > >> mesos-plugin.git > >> metadata-plugin.git > >> mock-security-realm-plugin.git > >> msbuild-plugin.git > >> naginator-plugin.git > >> nerrvana-plugin.git > >> nested-view-plugin.git > >> next-build-number-plugin.git > >> next-executions-plugin.git > >> parameterized-trigger-plugin.git > >> perforce-plugin.git > >> performance-plugin.git > >> persona-plugin.git > >> pitmutation-plugin.git > >> plain-credentials-plugin.git > >> plugin-compat-tester.git > >> postbuildscript-plugin.git > >> promoted-builds-plugin.git > >> prqa-plugin.git > >> publish-over-cifs-plugin.git > >> puppet-jenkins.git > >> radiatorview-plugin.git > >> rapiddeploy-plugin.git > >> release-plugin.git > >> repo-plugin.git > >> rich-text-publisher-plugin.git > >> robot-plugin.git > >> run-condition-plugin.git > >> rvm-plugin.git > >> scm2job-plugin.git > >> scm-api-plugin.git > >> scoring-load-balancer-plugin.git > >> script-scm-plugin.git > >> selenium-axis-plugin.git > >> selenium-builder-plugin.git > >> selenium-tests.git > >> skype-im-plugin.git > >> skytap-cloud-plugin.git > >> smartfrog-plugin.git > >> sms-plugin.git > >> sounds-plugin.git > >> ssh-agent-plugin.git > >> ssh-credentials-plugin.git > >> sshd-module.git > >> ssh-slaves-plugin.git > >> starteam-plugin.git > >> stashnotifier-plugin.git > >> subversion-plugin.git > >> suppress-stack-trace-plugin.git > >> swarm-plugin.git > >> synergy_scm-plugin.git > >> tap-plugin.git > >> teamconcert-plugin.git > >> testlink-plugin.git > >> tfs-plugin.git > >> thin-backup-plugin.git > >> throttle-concurrent-builds-plugin.git > >> tikal-multijob-plugin.git > >> timestamper-plugin.git > >> token-macro-plugin.git > >> transifex-plugin.git > >> translation-plugin.git > >> trilead-ssh2.git > >> unity3d-plugin.git > >> veracode-scanner-plugin.git > >> view-job-filters-plugin.git > >> virtualbox-plugin.git > >> vsphere-cloud-plugin.git > >> vstestrunner-plugin.git > >> walldisplay-plugin.git > >> warnings-plugin.git > >> weblogic-deployer-plugin.git > >> winstone.git > >> wix-plugin.git > >> ws-cleanup-plugin.git > >> xcode-plugin.git > >> xstream.git > >> xtrigger-lib.git > >> xunit-plugin.git > >> xvfb-plugin.git > >> xvnc-plugin.git > >> > >> *_The prevention_* > >> > >> Can we prevent this to happen again ? > >> I personally do not work on any of those repositories but still > >> have "forced push" permissions ... and so many other people have. > >> I don't see the value of having such power of "potential > >> disruption" associated to my account :-( ... can we remove the > >> forced push by default and enable on a case-by-case basis ? > >> > >> --- * --- > >> > >> If you would like to propose an alternative approach to resolve > >> the problem, feel free to follow-up ! > >> > >> ... and again ... accept my sincere apologies :-( > >> > >> Luca. > -- You received this message because you are subscribed to the Google Groups "Jenkins Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
