Question about authentication methods

Jens Alfke jens at mooseyard.com
Fri Apr 30 22:53:38 CDT 2010


On Apr 30, 2010, at 5:57 PM, John Ament wrote:

> Is there any way to enforce the username to be the credentials of the user who can push? Or somehow force the username value to be the OS value logged in as user? Or even anything along these lines?

Committing and pushing are very different things. Pushing is just moving commits around between repositories. The commits being pushed aren’t necessarily even by the user doing the pushing. (If you pull someone else’s commits from repo A, then push to repo B, you’re sending those commits to repo B even though you didn’t create them. This is pretty common.)

The problem with authenticating commits is that commits don’t have any notion of client and server. A commit just happens locally on a machine. The only feasible way to authenticate a commit is with a digital signature. Mercurial doesn’t have built-in support for this AFAIK, but there might be extensions that provide hooks to sign commits. Of course then you still have the complexity of managing the keys and certificates.

—Jens


More information about the Mercurial mailing list