Block any rewriting of the history of a Git repository?

published Dec 26, 2019 01:35   by admin ( last modified Dec 27, 2019 05:01 )

Untested by me as of yet, but it seems possible to actually make a Git repository where you cannot rewrite history. You need to do two things:

  • Only allow fast forwards for applying patches (I guess it is applying patches here? Right guys?)
  • Deny all deletes


 git config --system receive.denyNonFastforwards true


 $ git config --system receive.denyDeletes true

Got the info from here:

Update 2019-12-27: This is a system level config, as presented. If you put it as a local, question is, how do you get it onto the server you're pushing too? Actually that would be a security problem. So, it seems you have to set up a git server specifically for this, and set the properties on the system level, as indicated. Potentially you could run that git server in a container.