The author is misguided about (1) the technical details behind Git (all commits are hashed, so if you cryptographically sign a particular commit tag, it will definitely point to that commit and its attendant history), as well as (2) the obvious/non-obviousness of a rewritten history (if upstream rebases, it's really obvious.)
So, in summary:<p>"A hammer can be used for the following things:<p>1. To drive nails into another material<p>2. To 'hammer out' dents in sufficiently soft materials<p>3. As a weapon<p>4. As a doorstop<p>5. etc.<p>Because some people only use it to do (1) and (3), it isn't a tool for (2)."<p>P.S. I know the author acknowledges this in his own comment on the article.
You can amend history in any repository, but all other repositories still have the original state. Hence, someone who tries to tamper with git history in such a way can't do it undetectably. It will be blatantly obvious to all that the history has been rewritten, and all other copies of the repositories will contain the original history.<p>If you <i>are</i> going to use git in a centralized way, I suggest you use Gerrit. In addition to providing code review functionality, Gerrit also gives you user authentication and per-user access controls. This allows you to restrict what a user can do when he pushes, so that he can only update a branch (i.e., push new content), and not delete a branch or do a "force push" (which is what you would need to do if you want to replace a branch with entirely new content).<p>It's also possible to customize Gerrit to only allow a user to push changes that he or she wrote himself or herself, which will give you a much more strict audit trail. And you can set these access control parameters on a per-branch basis, so you could allow the release manager to push new changes onto the vendor branch, but all changes to the production branch must be committed by the person submitting the change, and go through code review.<p>So the basic take-away from the article is (a) git is a distributed SCM, not a centralized SCM; and if you want to use git in a centralized SCM fashion, don't do it incompetently --- instead you should use Gerrit, which is designed as a wrapper to Git so it can be a secure, auditable, centralized repository.
If you don't like this behaviour, you can set a git repository to reject non-fast-forward pushes to it. Run:<p><pre><code> git config receive.denyNonFastForwards true
</code></pre>
This will permit branches to only go in a forward direction.
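The setting above, exercised against a throwaway bare repository, as an added example that is not part of the original comment. The `receive.denyDeletes` setting, the temporary paths, the identity and the branch name `main` are choices made for this example.

```shell
#!/bin/sh
# Added example. All repositories are constructed throwaways in a temp dir.
try_push() {  # prints "accepted" or "rejected" for one push attempt
    if git push -q "$@" >/dev/null 2>&1; then echo accepted; else echo rejected; fi
}

demo_protected_branch() {
    work=$(mktemp -d) || return 2
    central="$work/central.git"
    (
        git init -q --bare "$central"
        # Policy from the comment above; denyDeletes also blocks removing the
        # branch and recreating it, the other way to replace its content.
        git -C "$central" config receive.denyNonFastForwards true
        git -C "$central" config receive.denyDeletes true

        git init -q "$work/dev" && cd "$work/dev" || exit 2
        git config user.name "Example Dev"
        git config user.email "dev@example.invalid"
        git config commit.gpgsign false
        echo one > file.txt && git add file.txt && git commit -q -m first
        git push -q "$central" HEAD:refs/heads/main
        before=$(git -C "$central" rev-parse refs/heads/main)

        # Rewrite the published commit, then try to force it upstream.
        echo tampered > file.txt && git commit -q -a --amend -m rewritten
        echo "force-push: $(try_push --force "$central" HEAD:refs/heads/main)"
        echo "delete: $(try_push "$central" :refs/heads/main)"

        # The central ref must still name the original commit.
        after=$(git -C "$central" rev-parse refs/heads/main)
        [ "$before" = "$after" ] && echo "ref: unchanged" || echo "ref: moved"

        # An ordinary fast-forward on top of the original is still allowed.
        git reset -q --hard "$before"
        echo two >> file.txt && git commit -q -a -m second
        echo "fast-forward: $(try_push "$central" HEAD:refs/heads/main)"
    )
    status=$?
    rm -rf "$work"
    return "$status"
}

demo_protected_branch
```

These settings are read by the receiving repository, so they only constrain users who cannot edit its configuration.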