| 1 |
In gentoo git tree all git commits will be signed by commiter gpg keys |
| 2 |
(and this will be requerd!) |
| 3 |
|
| 4 |
Aaron W. Swenson писал 2012-05-25 00:00: |
| 5 |
> -----BEGIN PGP SIGNED MESSAGE----- |
| 6 |
> Hash: SHA256 |
| 7 |
> |
| 8 |
> On 05/24/2012 03:57 PM, Dan Douglas wrote: |
| 9 |
>> Git is about decentralized version control. When you clone a repo, |
| 10 |
>> you have your own "fork". When everyone has their own branch, |
| 11 |
>> everyone is effectively equal. So yes you can expect much much |
| 12 |
>> more forking. In Git land, forks are good. There's no way to |
| 13 |
>> enforce that people only pull from some "official" source. |
| 14 |
>> |
| 15 |
>> It works out in practice so that 99% of the time people only care |
| 16 |
>> about a couple branches of one repository. Counterintuitively, this |
| 17 |
>> comes as a side- effect of git actually doing distribution properly |
| 18 |
>> and making it easier for everybody's workflow. The overlay model by |
| 19 |
>> contrast is quite broken on its own and virtually forces creation |
| 20 |
>> of new overlays in order to make changes without the benifits of |
| 21 |
>> version control (with regards to the rsync tree at least). |
| 22 |
>> |
| 23 |
>> What Github does is facilitate making it easy to fork/branch and |
| 24 |
>> provide a central way to push changes back into a remote through |
| 25 |
>> pull requests. Pull requests and other web services around git |
| 26 |
>> hosting are pretty much the thing that makes github worth using. |
| 27 |
>> From the standpoint of accepting patches, the differenc e to you is |
| 28 |
>> rather than (or in addition to) accepting patches through bugzilla, |
| 29 |
>> you can choose to accept a push directly from someone else's copy |
| 30 |
>> of the repo. It isn't like a wiki - everybody commits to their own |
| 31 |
>> repositories and pushing to a remote is on a whitelist basis just |
| 32 |
>> like in centralized version control. |
| 33 |
> |
| 34 |
> This gets us into another topic altogether. |
| 35 |
> |
| 36 |
> I do believe git pull-requests should go through Bugzilla. A |
| 37 |
> pull-request is the equivalent to bump requests, patch fixes, and all |
| 38 |
> sorts of stuff that we already handle through Bugzilla. Bugzilla also |
| 39 |
> contains our history. |
| 40 |
> |
| 41 |
> If they happen to be needing to be pulled from github, that's fine. |
| 42 |
> Definitely convenient for the contributor. |
| 43 |
> |
| 44 |
> We'll also need to clearly document how the pull-request is to be |
| 45 |
> generated. (I vote for requiring signed pull-requests. [1]) |
| 46 |
> |
| 47 |
> github should not be our central point of contact. We have b.g.o for |
| 48 |
> that. github should be on the fringes as a tool that we can use if we |
| 49 |
> want to. |
| 50 |
> |
| 51 |
> [1] |
| 52 |
> |
| 53 |
> http://git-blame.blogspot.com.ar/2012/01/using-signed-tag-in-pull-requests.html |
| 54 |
> |
| 55 |
> - - Aaron |
| 56 |
> -----BEGIN PGP SIGNATURE----- |
| 57 |
> Version: GnuPG v2.0.17 (GNU/Linux) |
| 58 |
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ |
| 59 |
> |
| 60 |
> iF4EAREIAAYFAk++oYEACgkQVxOqA9G7/aC1WgD/V33WU0Cvc/po2Evrrjk6fM4d |
| 61 |
> IHt8FtD21rKfyrxmCeQA/A7t/nCJOA5UURm2ILAraPLWu598G8bKV7RNKtRKrqhQ |
| 62 |
> =MVyV |
| 63 |
> -----END PGP SIGNATURE----- |
| 64 |
|
| 65 |
-- |
| 66 |
Best Regards, |
| 67 |
Alexey 'Alexxy' Shvetsov |
| 68 |
Petersburg Nuclear Physics Institute, NRC Kurchatov Institute, |
| 69 |
Gatchina, Russia |
| 70 |
Department of Molecular and Radiation Biophysics |
| 71 |
Gentoo Team Ru |
| 72 |
Gentoo Linux Dev |
| 73 |
mailto:alexxyum@×××××.com |
| 74 |
mailto:alexxy@g.o |
| 75 |
mailto:alexxy@×××××××××××××.ru |
Archives