[oe] Commits from company keys
Koen Kooi
koen at dominion.kabel.utwente.nl
Thu Aug 30 07:20:43 UTC 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
Since yesterday we have a key in our db for a company, so that their development team can
use to push patches without having to all have their personal key.
Since that clashes with our "one key maps to one person" policy from the past, people
using those keys _*MUST*_ use 'mtn commit <foo> --author "theirrealemail at address.com"'.
That way it is clear which _person_ made that commit.
If you forget it, you can always sign that revision with your personal key (-k
your at keyid.org) and push with the company key, since permission checks are based on _who_
pushes, not on the author of the commits.
If a company keeps refusing to use --author the OE core team should re-evaluate the
presence of the key.
regards,
Koen
PS: the diffs from said company itself look awesome at the moment, but aren't retracable
to a person.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (Darwin)
iD8DBQFG1m/LMkyGM64RGpERAgzPAJ9/tYjOBcyA5gQ+kFebjZGb3HzxmwCgnDyM
d++z29jLmb0rLILdrQwy/S0=
=MjPO
-----END PGP SIGNATURE-----
More information about the Openembedded-devel
mailing list