Audit options with Mercurial

Arne Babenhauserheide arne_bab at
Sun Jan 23 11:51:22 CST 2011

On Saturday 22 January 2011 13:56:12 pallikkattil wrote:
> Our current source control system Harvest has security groups assigned for
> code promotions. So dev team leads can do code review and promote the code
> to qa state. QA team does QA only their team can promote code to production
> staging state and once all directors approve the code for production the
> production team push the code to production. So harvest keeps track of all
> the people who approved this code for production and provides reports for
> auditors as to what code change was approved by whom and when. I am looking
> for something similar in Mercurial i.e. the approval workflow and ability to
> report on it.

This sounds like a nice usecase for seperate clones: 

• The dev team team works in the dev-repository and can push the code to the 
QA repository. 

• The QA team works in the QA-repository and can push the code from QA to the 
production-staging repository. 

• The directors work on production-staging and can push the code to 

To make sure that the code has really been checked by all, you can require 
that all heads must be GnuPG signed in order to enter a higher-up repository. 

To make this workflow more secure, the QA team could push all their changes to 
the dev repo first and require doublechecking from the devs, and the directors 
could push all their changes to QA. Then developers, QA and directors have to 
sign the head revision to get it into production. 

For the reports you can for example use this: 

	for h in $(hg heads --template "{node}\n"); do hg sigcheck $h ; done

For an existing signature this gives something like 

	5976560e6777 is signed by:
	 Arne Babenhauserheide (Physikliebhaber, Hobbysänger und Ideenspringquell)
 	<arne_bab at>

For missing signatures you get 

	No valid signature for a6bc9b77e768

A signature approves all ancestors of the signed revision. 

You can check all signatures via 

	hg sigs

This requires the GPG extension:

Also see:

Best wishes, 
Unpolitisch sein
heißt politisch sein, 
ohne es zu merken. 
- Arne (

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 316 bytes
Desc: This is a digitally signed message part.
URL: <>

More information about the Mercurial mailing list