This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revision | |||
| chkid [2025/06/29 10:56] โ admin | chkid [2025/07/01 19:50] (current) โ admin | ||
|---|---|---|---|
| Line 9: | Line 9: | ||
| We implemented this signature system to ensure that people do not forge anyone else's name into a commit. So ALL the commits that are pushed via //Git Winch// will invariably contain a signature. And that signature can be checked from within //Git Winch// by anyone else who is also a registered user of your //Git Winch// coordination server; and has membership of the same repository too. Signatures of old members who had done an old commit; but are no longer in office, are also verifiable. | We implemented this signature system to ensure that people do not forge anyone else's name into a commit. So ALL the commits that are pushed via //Git Winch// will invariably contain a signature. And that signature can be checked from within //Git Winch// by anyone else who is also a registered user of your //Git Winch// coordination server; and has membership of the same repository too. Signatures of old members who had done an old commit; but are no longer in office, are also verifiable. | ||
| + | |||
| + | **NOTE: Git Commits contain the user's full name AND NOT the username**\\ | ||
| + | From version 1.0.14.0 //Git Winch// uses the full name of the user which the user had set to attribute a commit, and create the above signature. As far as possible, the username (the one that is used to login) is NOT shared with anyone (nor should you) so the chances of hacking into someone' | ||
| + | |||
| + | //Only the owner of a repository would come to know the username of a person who works on the repository when the deploy key is made. But that is an arrangement between only those two persons and not everyone else.// | ||
| ---- | ---- | ||
| [[/ | [[/ | ||