验证Mercurial签到 [英] Verify Mercurial Checkins

问题描述

是否有任何方法可以验证/验证Mercurial中的签到?我想在我们的组织(超过60个开发人员)中推广HG，并希望有一种方法来确保每个人的签到都是来自正确的用户，并且都采用正确的格式.

Is there any way to verify/authenticate checkins in Mercurial? I'd like to roll out HG across our organisation (60+ developers) and I'd like a way to ensure everyone's checkins are from the correct user and that they are all in the correct format.

在试用期间，我们发现某些用户使用以下完全不同的用户名(复制了他人的.hgrc文件)签入，其他用户使用多种不同版本的名称(名字，全名，电子邮件地址等)签入.不同的客户.

During trials we found that some users checked in under completely different usernames (copied someone else's .hgrc file) and others checked in under a number of different versions of their name (first name, full name, email address, etc) using different clients.

我们可以添加一个钩子来强制使用用户名的格式，但是仍然不能保证它是正确的用户. Mercurial有什么可以解决的吗?还是我只是停留在CVS/SVN的思维方式上?

We could add a hook to enforce the format of the username but it still doesn't guarantee that it's the correct user. Does Mercurial have anything to manage this or am I just stuck in a CVS/SVN way of thinking?

谢谢， 戴夫.

推荐答案

大多数情况下，您采用的是CVS/SVN思维方式-如果您的员工不诚实，无论如何您都会被搞砸. :)但是，其他人可以通过多种方法来处理此问题:

Mostly you're in a CVS/SVN way of thinking -- if your employees are dishonest you're screwed anyway. :) However, there are a few ways that other folks have handled this using a variety of techniques:

• mozilla和其他一些人添加了一个可见的推送日志，该日志显示了谁将每个cset移到了每个存储库中，因此您在此过程中会隐式获得批准
• 使用 gpg扩展，您可以确保cset已签名并快速编写changegroup钩子，以确保进入受保护回购协议的csets由其作者签名
• 您可以编写一个钩子，将名称的电子邮件部分与$REMOTE_USER变量(对于http)或$USER(对于ssh)进行比较，并要求它与推送用户匹配.

• mozilla and some others have added a viewable pushlog that shows who moved each cset into each repo, so you get an implicit approval step along the way
• using the gpg extension you can make sure that csets are signed and write a quick changegroup hook to make sure that an csets entering a protected repo were signed by their author
• you can write a hook that compares the email portion of the name to the $REMOTE_USER variable (for http) or to $USER (for ssh) and require that it match the push-ing user.

这些都不能阻止错误的提交，但是您可以阻止错误的提交进入如此受保护的存储库.

None of those prevent a false commit, but you can stop a false commit from entering a thusly guarded repo.

尽管如此，实际上，这并不是每个人(包括我)想象的问题.最终会在不同的机器上带来许多同名的变体，但是任何由用户名(搅动等)起作用的命令都将使用别名映射来帮助您对它们进行分组(如果有的话).

Again though, in practice, it's just not the problem that everyone (including me) imagines it will be. One does end up with many variants of the same name from different machines, but any command that works by usernames (churn, etc.) will take an alias map to help you group them if it matters.

这篇关于验证Mercurial签到的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！