I'm trying to set up a gitolite server. One problem that I find annoying in git is that the username is not checked when committing code.
This can lead to a possible "identity phishing" where user1 can commit some bogus code and set user2 as username. Then we'll blame user2.
I'm looking for a way to check or force the username to be consistent with the committer's identity.
You can sign your commits using: git commit -S
(only available since git 1.7.9)
You can then use a server-side git hook to refuse any unsigned commit.
Source: http://phreaknerd.wordpress.com/2012/02/09/signing-git-commits-with-your-gpg-key/
With a git hook, you get the ref which is updated.
You can check the whole commit tree being pushed and thus get the committer name & email (though if it's not signed, you won't ever be sure of it).
Gitolite uses env variables to store various information; you can use them to get the name of the person connected and do your verification.
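A sketch of the server-side check described above, as an added example that is not part of the original answers: an `update` hook that compares the committer email of every pushed commit with gitolite's `GL_USER`. The `MAIL_DOMAIN` variable and the `user@domain` naming convention are assumptions; map users to emails however your site does.

```shell
#!/bin/sh
# Added example: sketch of a gitolite "update" hook.
# GL_USER is set by gitolite to the authenticated user. MAIL_DOMAIN and the
# user@domain convention are assumptions made for this example.
MAIL_DOMAIN="${MAIL_DOMAIN:-example.com}"

# True when the revision is all zeros (ref creation or deletion).
is_zero() { case "$1" in *[!0]*) return 1 ;; esac; return 0; }

# Reads "<sha> <committer-email>" lines on stdin and prints those whose
# email differs from the one expected for user $1.
# Returns 0 when every commit matches, 1 otherwise.
find_mismatches() {
    expected="$1@$MAIL_DOMAIN"
    bad=0
    while read -r sha email; do
        [ -n "$sha" ] || continue
        if [ "$email" != "$expected" ]; then
            echo "$sha $email"
            bad=1
        fi
    done
    return "$bad"
}

# args: oldrev newrev
check_update() {
    if is_zero "$2"; then return 0; fi      # ref deletion: nothing to check
    if is_zero "$1"; then
        set -- "$2" --not --all             # new ref: only commits not yet in the repo
    else
        set -- "$1..$2"
    fi
    git log --format='%H %ce' "$@" | find_mismatches "$GL_USER"
}

# Git invokes the hook as hooks/update <refname> <oldrev> <newrev>.
if [ "${0##*/}" = "update" ]; then
    if ! offenders=$(check_update "$2" "$3"); then
        echo "Rejected: committer email must be $GL_USER@$MAIL_DOMAIN" >&2
        echo "$offenders" >&2
        exit 1
    fi
fi
```

This checks only the committer field, so a push containing commits that someone else committed (for example, fetched from a colleague) is rejected, and the author field is not examined. Without signature verification the check ties the claimed committer to the authenticated pusher, not to a cryptographic identity.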