[Kde-scm-interest] Accountability, concrete suggestion

Pieter de Bie pieter at frim.nl
Thu Jul 31 16:06:16 CEST 2008 

On 31 jul 2008, at 15:07, Thomas Zander wrote:

> When Diana makes several translations she does this on a git  
> checkout. She
> then commits her changes and emails or pushes her changes to Carlos.
> Making a commit in Git is something that is done in several steps  
> and the last
> step is to create a commit message.  Diana will use a way of  
> committing[1]
> that takes the commit message, the tree (including her changes) and  
> her email
> address and it will gpg-sign that information.
> This signature will be added to the logmessage, probably as a one- 
> liner of
> ascii data.

If you want to sign the tree that includes Diana's changes, you have  
to make
sure that you also know on which tree the changes were applied. This
information might not be available in every patch, and if you apply  
the patch
on a different source tree, you will get another final tree, and the  
sha1 will
not match.

Why not use a hash of Diana's patch instead of the final tree? That  
way the
patch can be applied on every tree and still retain a valid sha1.

Don't you think all this signing off will make it harder for first- 
timers to
send in a patch? Or is this purely optional, for people that don't  
have commit
access but don't want to put the responsibility on the maintainer? Why  
not
give them commit access?

> The effect of signing this is that we can now send around that patch  
> and merge
> it into any tree without loosing the information about who really  
> initially
> created that patch.
>
> Ok, back to our Carlos usecase;  Diana created the patch, she signed  
> it and
> then pushes it to Carlos.  Carlos checks the signature using some  
> custom
> script to make sure the commit really is from Diana and he merges it  
> into his
> tree.
> At a later point he pushes all the changes he has, including the one  
> from
> Diana, to the kde-server.
> The commit is registered by the kde-server as being made by Carlos,  
> but Carlos
> can point to the signature to indicate that, really, Diana was the  
> one that
> made this commit.

Have you thought about using person-specific branches? For example,  
let's take
the previous use case with Diana. Diana does not have push access to a  
specifc
project, but she does have push access to her own namespace (branches/ 
diana/*
perhaps). She pushes her change to her own branch, and asks Carlos to  
pull it.
Carlos merges the branch, and pushes it. The server-side hook can see  
that the
patch originated from diana's namespace, and give accountability to her.

You might even use something like git patch-id to make this possbile  
for random
patches, so that accountability remains after a rebase.

- Pieter

More information about the Kde-scm-interest mailing list