[pydotorg-www] project plan
dirkjan at ochtman.nl
Tue Apr 20 16:29:03 CEST 2010
On Tue, Apr 20, 2010 at 16:16, Barry Warsaw <barry at python.org> wrote:
> I don't know whether Mercurial has the same feature that Bazaar has, where
> each revision can be signed, locally, on commit. I always enable that for
There is an extension to help sign revisions on each commit, certainly.
> everything I do. I also don't know whether that can be enforced (e.g. ensure
> on the server that on push, every revision is signed by a known gpg key).
> That may not prevent corruption after a break-in, but it would make
> post-attack analysis much easier.
Enforcing something in a hook wouldn't be very hard.
More information about the pydotorg-www