On Mon, 5 Apr 2010, David Bainbridge wrote:
So this comment by Gé grabbed my attention:
I work in a heavily regulated industry, and legal concerns have been keeping
us from implementing any and all DVCSes until now.
I wonder what has changed? Is it a greater understanding of some of
the issues discussed in the mail?
The biggest issue is that you cannot be 100% sure who committed code when
you can trivially commit pretending to be anyone and move code by merging
with 'unofficial' repositories. The person pushing a change to the central
repository is not necessarily the person who made the change, and that
affects auditability and forensic analysis. That's an issue in an industry
where being a dishonest insider can potentially make you wealthy.
Gé
_______________________________________________
fossil-users mailing list
fossil-users@lists.fossil-scm.org
http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
