isn't it cool that on all the git servers you have two independent auth mechanisms depending on how you're interacting with the service?
Conversation
neat that you don't need to 2fa to force push all branches to a junk commit and then get git to gc the repo, but you need 2fa and to re-enter your password to delete the repo
4
1
33
i actually want a git ui that lets you comment on changes via pubkey auth so
1
10
i also kinda want to be able to accept pubkey auth and not tie that through ssh because i don't that to not be buggy and don't want to have to sysadmin that hard to accept commits
1
8
might even consider hosting a gitlab if they could go three months without sending me an email about a new critical security update
2
14
Replying to
Have you looked into Gerrit?
gerritcodereview.com
People without commit access can push to it with git to make pull requests, extra data like reviews is inside the Git repository via notes and you can manage everything via consistent CLI tools (git and gerrit) and auth.
2
1
Replying to
i'd written off gerrit a few years ago for reasons i've since forgotten, but this is a good reminder to reconsider
1
Replying to
It used to have a terrible standard web interface but the defaults look great now. It's based around the model of submitting a rebased patch set and for the most part avoiding merges. It actually preserves reviews and history of changes properly across rebases via Change-Ids.
1
1
It originates in the Android Open Source Project but it's used by a ton of other projects now. For example:
review.coreboot.org/q/status:open+
GitHub's workflow is messed up and adds a lot of unnecessary complexity along with really bad code review, and unfortunately everyone copied it...