+1 Rewrite history on a public repo opens the door for very catastrophic situations.
On Fri, Aug 29, 2014 at 7:23 AM, Ian Duffy <i...@ianduffy.ie> wrote: > > So, I’m told that we need to discuss this issue and only after a > decision/voting they would implement such a change? What do you think, what > are the pros and cons of disabling force pushes and should we do it? > > Definitely a +1 on disabling. forced pushing in my view should be never > used on a public repository. It can break somebodies pull and reset/rewrite > history in a repo. > > There should be no reason for anybody to ever have a requirement to do a > force push. Git supplies us with a revert that will allow us to undo > commits without destroying history. > > > On 29 August 2014 12:57, Rohit Yadav <rohit.ya...@shapeblue.com> wrote: > > > Hi all, > > > > I found by accident that you can force push on branches on our ACS/ASF > > repo. > > > > So, I’m concerned that anyone could do a force push, sneak in changes on > > ACS/ASF branches; opensource projects have had issues with people > changing > > histories, putting backdoors and whatnot, so I would like to avoid that. > > For example, I would like us to disable force-push(es) on our git repos > to > > avoid a situation like Jenkins had: > > > > > > > https://groups.google.com/forum/#!searchin/jenkinsci-dev/force$20push/jenkinsci-dev/-myjRIPcVwU/mrwn8VkyXagJ > > > > So, I requested the infra team [1] to disable force pushes on release and > > master branches because that made sense and I was told that they don’t > > allow force pushes on master (relief!) but not on release branches > because > > it would be hard to track the release branch names. I asked them if we > > should disable force pushed on all branches at all and if they people > want > > to do it, they can do it in their own private/github repos/forks. > > > > So, I’m told that we need to discuss this issue and only after a > > decision/voting they would implement such a change? What do you think, > what > > are the pros and cons of disabling force pushes and should we do it? > > > > [1] https://issues.apache.org/jira/browse/INFRA-8228 > > > > > > Regards, > > Rohit Yadav > > Software Architect, ShapeBlue > > M. +41 779015219 | rohit.ya...@shapeblue.com > > Blog: bhaisaab.org | Twitter: @_bhaisaab > > > > > > > > Find out more about ShapeBlue and our range of CloudStack related > services > > > > IaaS Cloud Design & Build< > > http://shapeblue.com/iaas-cloud-design-and-build//> > > CSForge – rapid IaaS deployment framework<http://shapeblue.com/csforge/> > > CloudStack Consulting<http://shapeblue.com/cloudstack-consultancy/> > > CloudStack Infrastructure Support< > > http://shapeblue.com/cloudstack-infrastructure-support/> > > CloudStack Bootcamp Training Courses< > > http://shapeblue.com/cloudstack-training/> > > > > This email and any attachments to it may be confidential and are intended > > solely for the use of the individual to whom it is addressed. Any views > or > > opinions expressed are solely those of the author and do not necessarily > > represent those of Shape Blue Ltd or related companies. If you are not > the > > intended recipient of this email, you must neither take any action based > > upon its contents, nor copy or show it to anyone. Please contact the > sender > > if you believe you have received this email in error. Shape Blue Ltd is a > > company incorporated in England & Wales. ShapeBlue Services India LLP is > a > > company incorporated in India and is operated under license from Shape > Blue > > Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in > Brasil > > and is operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd > is > > a company registered by The Republic of South Africa and is traded under > > license from Shape Blue Ltd. ShapeBlue is a registered trademark. > > > -- *Nate Gordon*Director of Technology | Appcore - the business of cloud computing® Office +1.800.735.7104 | Direct +1.515.612.7787 nate.gor...@appcore.com | www.appcore.com ---------------------------------------------------------------------- The information in this message is intended for the named recipients only. It may contain information that is privileged, confidential or otherwise protected from disclosure. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or the taking of any action in reliance on the contents of this message is strictly prohibited. If you have received this e-mail in error, do not print it or disseminate it or its contents. In such event, please notify the sender by return e-mail and delete the e-mail file immediately thereafter. Thank you.
