New features in Git 2.2.0
[Posted December 2, 2014 by corbet]
The "Atlassian Developers" site has
a
summary of interesting features in the recent Git 2.2.0 release,
including signed pushes. "
This is an important step in preventing
man-in-the-middle attacks and any other unauthorized updates to your
repository's refs. git push has learnt the --signed flag which
applies your
GPG signature to a "push certificate" sent over the wire during the push
invocation. On the server-side, git receive-pack (the command
that handles
incoming git pushes) has learnt to verify GPG-signed push
certificates. Failed verifications can be used to reject pushes and those
that succeed can be logged in a file to provide an audit log of when and
who pushed particular ref updates or objects to your git server."
(
Log in to post comments)
LWN