1

One thing I hate about Git is how it handles user identity. Using name and email from config is rather annoying when I clone repository as authenticated user. Is there any command that makes project username and email match the one I clone the repository as?

Additionaly, is there any way to prevent pushing under name/email different than the ones registered for SSH key? To be honest, I don't understand the purpose of username and email for external repositories.

Robo Robok
  • 21,132
  • 17
  • 68
  • 126
  • The short answer is no—the configured user.name and user.email are just configuration entries, Git does very little with them. You can write a script you use in place of `git clone` that runs `git clone` and then, if successful, runs `git config` *in* the clone to *set* `user.name` and `user.email` there, though. That's what I'd suggest here. – torek Mar 29 '18 at 22:50
  • Thanks! Do you know any existing tools doing just that? – Robo Robok Mar 29 '18 at 23:02
  • I don't. I thought about writing something at one point but have not needed it (yet?), and these days I have too many tools that run `git clone` internally and won't let me insert my own command instead, which might become a problem at some point. – torek Mar 29 '18 at 23:17
  • Got it. Thanks for some precious hints then :) – Robo Robok Mar 29 '18 at 23:23

1 Answers1

1

Reminders: user.name and user.email have nothing to do with authentication. Only with commit authoriship.

And Git being decentralized, those values cannot be checked against a common user referentials (AD, LDAP, ...): there are the responsability of the Git repo user.

When you are pushing, using cached credentials with https (and a credential helper) or SSH (and a public key registered on the server side), you are using an account which does not have to be related in any way with the commits you are pushing.

VonC
  • 1,262,500
  • 529
  • 4,410
  • 5,250
  • I personally dislike this side of git :( – Robo Robok Mar 30 '18 at 06:07
  • @RoboRobok I nuderstand, but it is fundamentally tied to its decentralized nature. – VonC Mar 30 '18 at 06:07
  • Yeah, but it could have allowed to defer commit signing until the push is done. – Robo Robok Mar 30 '18 at 06:09
  • @RoboRobok Speaking of signing, a better way to enforce the identity of the author of a commit is a gpg signature (https://stackoverflow.com/a/20628522/6309), if asserting who did a commit proves critical. – VonC Mar 30 '18 at 06:12