使用git钩子,我该如何强制或检查用户身份? [英] With a git hook, how do I force or check user identity?
问题描述
我正在尝试安装gitolite服务器。我在git中发现一个令人讨厌的问题是在提交代码时未检查用户名。
这可能导致可能的身份钓鱼,其中user1可以提交一些伪代码并将user2设置为用户名。然后我们会责怪user2。
我正在寻找一种方法来检查或强制用户名与提交者的身份一致。
$ b $你可以使用 git commit -S
来签名你的提交(只有自git 1.7.9以后才可用) )然后你可以使用服务器端的git钩子来拒绝任何未签名的提交。
来源:< a href =http://phreaknerd.wordpress.com/2012/02/09/signing-git-commits-with-your-gpg-key/ =nofollow> http://phreaknerd.wordpress.com / 2012/02/09 / signing-git-commit-with-your-gpg-key /
I'm trying to setup a gitolite server. One problem that I find annoying in git is the username is not checked when committing code.
This can lead to a possible "identity phishing" where user1 can commit some bogus code and set user2 as username. Then we'll blame user2.
I'm looking for a way to check or force the username to be consistent with the committer's identity.
You can sign your commits using: git commit -S
(only available since git 1.7.9)
You can then use a server-side git hook to refuse any unsigned commit.
Source: http://phreaknerd.wordpress.com/2012/02/09/signing-git-commits-with-your-gpg-key/
这篇关于使用git钩子,我该如何强制或检查用户身份?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!