The ArduPilot project just lost a bunch of commits in our git
repository because of this bug. A user who was not experienced with
git did a forced push of an old checkout on top of our master
repository, then other people who got the resulting pull errors tried
to fix it by doing pushes of their own.
I've sorted it out by restoring from one of my own clones and bringing
in all the missing commits I could find, but this really is just a
disaster waiting to happen with all git based projects on
It is normal when running a shared git repository to prevent this like
denyNonFastforwards = true
denyDeletes = true
It not only prevents mistakes like what happened to us today, it is
also an important security measure. It is only a matter of time before
some malicious user rewrites the history of a project in a subtle way
to introduce a security hole. That is much harder to get away with if
you can only do fast forward pushes.
So _please_ can we get an administrative option to set the above
options on our repositories?