Hi, On Tue, Jun 15, 2010 at 5:23 PM, Santiago Gala <santiago.g...@gmail.com> wrote: > El lun, 14-06-2010 a las 20:28 +0200, Jukka Zitting escribió: >> Basically, if someone comes and asks how a particular piece of IP >> ended up in a Git repository, Git itself can't answer that question. >> All it gives you is the change itself and the associated commit >> metadata that can be pretty much anything. > > I don't completely understand what do you mean here. A subversion > repository can be manipulated by an "insider" in pretty much the same > way as a git one.
Sure, ultimately all we have is just social contract based on trust. Currently at ASF those "insiders" are the handful of highly trusted people with root access. That trust model does not scale out to all our committers. We could achieve similar social control of Git repositories if we adopted a more hierarchical committer model. That's what for example Linux does, as pointed out by Kevin. However, such a model would require a major redefinition of the Apache Way. > Re: the difference between Author and Committer, the people planning the > migration from subversion to mercurial for python are considering the > possibility to have a commit hook that checks the Author tags and make > sure that all Authors or Committers in a changeset have filed a > Contributor Agreement... We get this (and much more) with Gerrit. BR, Jukka Zitting --------------------------------------------------------------------- To unsubscribe, e-mail: labs-unsubscr...@labs.apache.org For additional commands, e-mail: labs-h...@labs.apache.org
