Session: Who’s Commit is it Anyway? Understanding git commit metadata
Jessica Schumaker, from the GitHub Repository Security team, will break down the meaning of common git commit metadata. She will explain the distinction between the author, committer, and pusher on a commit. She will demonstrate which fields are vulnerable to spoofing and tips for identifying imposter metadata. Additionally, Jessica will discuss strategies to ensure you get credit for contributions when collaborating with others, even if your commit is squashed onto another branch.
Attendee Takeaways
- Understanding git author, committer, and pusher
- Where this metadata comes from and how trustworthy it is
- Learn what it means to be a co-author on a commit
- Tips for spotting suspicious metadata
