We use GitHub and we have a request to commit commit . Having studied the process, I do not understand what fixation fixation problem solves. As far as I understand, the “local source code” process, which is tied to the “local repo”, gets into the “remote repo”. Thus, there are three fields and two arrows that create a directed graph from the local source files to the remote repository. For the end user, the threads are reversed.
In the model, as described, it seems that we want permissions to be executed when a remote repo is clicked; and capturing signatures is of little use.
SCM Git User Guide 7.4 Git Tools - Signing your work does not indicate a problem that it solves. However, he says that I am hunting for the answer:
Everyone must subscribe
Signing tags and commits is great, but if you decide to use this in your normal workflow, you need to make sure everyone on your team understands how to do it. If you do not, you will end up spending a lot of time helping people understand how to rewrite their obligations with signed versions. Make sure you understand the GPG and the benefits of signing things before accepting this as part of your standard workflow.
I assume that Git engineers modeled Git workflows. They identified the problem (or problems), and they put “label control” on security control to fix it. I would like to know what problems they identified and solved using the “fixation fixation”.
I think what happened is that people confuse / associate Authentication with authorization, or possibly code integrity. Unfortunately, authentication is not authorization or code integrity, despite being willing to do so.
What problem does git capturing commit?
source share