[Kde-scm-interest] accountability
Chani
chanika at gmail.com
Sat Nov 14 22:23:22 CET 2009
On November 13, 2009 08:06:49 Jeff Mitchell wrote:
> Ian Monroe wrote:
> > Which is why I like my simple flat-file log idea (a log of commit
> > hash, user id, maybe time). It doesn't open up any privacy issues
> > (since the info is already public) and would solve the problem by
> > using the commit hash, which is a nice security feature of git.
>
> You still have an issue in that the user id is internal to Gitorious and
> is meaningless without also providing further information, like email
> address, name, public ssh key, or some such thing.
>
> All of those could be seen as potential privacy issues; for instance,
> you might think the email address would be obvious, but what if a person
> is committing under a different email address than what they've given to
> Gitorious?
>
> --Jeff
>
I still don't understand why we need access to email addresses from some
gitorious database anyways. if you want to push to a kde repo, you have to be
in the kde-developers group. we can require people to agree to whatever's
needed at the time they join that group. all we need is a log of which kde
developer pushed what, right?
everything else you can get from a git clone...
--
This message brought to you by eevil bananas and the number 3.
www.chani3.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
Url : http://mail.kde.org/pipermail/kde-scm-interest/attachments/20091114/dcbaf375/attachment.sig
More information about the Kde-scm-interest
mailing list