undefined | Better HN

0 pointselric3y ago0 comments

There is a distinct lack of decent identity management/security in all of the version control systems I've used. It's a hard problem to solve, especially in a distributed/decentralized system (like git). Signing git-style commits is problematic in the face of merge conflicts or rebasing. A patch-style system (like Pijul) probably makes this easier: if everything is a patch, every patch can be signed atomically.

I'd really like to see a DCVS with better signing support and with some form of access control (on the remote), so every change can be traced back to the author, and so that some parts of a repo can only be modified by specific authors. Git hooks (on the remote) can sort of achieve the latter, but it's a bit of a pain.

0 comments

3 comments · 3 top-level

pmeunier3y ago

> A patch-style system (like Pijul) probably makes this easier: if everything is a patch, every patch can be signed atomically.

In Pijul, patch authors are public keys and patches are signed by default. The link with an author's identity is done outside of the patches to allow for changes in name or email address.

hgomersall3y ago

I don't see why the git way is problematic. It means someone is verifiably taking responsibility for all changes. That applies to conflicts and reading as much as normal commits.

Edit: I'm not saying there's not a better way, just that I don't understand the problem with git.

1 more reply

juped3y ago

If there's a "the remote", it's not a DVCS, and you can rely on ssh or whatever.

j / k navigate · click thread line to collapse