Block any rewriting of the history of a Git repository?

published Dec 26, 2019 01:35 by admin ( last modified Dec 27, 2019 05:01 )

Untested by me as of yet, but it seems possible to actually make a Git repository where you cannot rewrite history. You need to do two things:

Only allow fast forwards for applying patches (I guess it is applying patches here? Right guys?)
Deny all deletes

 git config --system receive.denyNonFastforwards true

and

 $ git config --system receive.denyDeletes true

Got the info from here: https://stackoverflow.com/questions/2085871/strategy-for-preventing-or-catching-git-history-rewrite

Update 2019-12-27: This is a system level config, as presented. If you put it as a local, question is, how do you get it onto the server you're pushing too? Actually that would be a security problem. So, it seems you have to set up a git server specifically for this, and set the properties on the system level, as indicated. Potentially you could run that git server in a container.