Mercurial is bad for community code reviews
Arne Babenhauserheide
arne_bab at web.de
Tue Dec 18 11:11:07 UTC 2012
Am Dienstag, 18. Dezember 2012, 11:09:19 schrieb anatoly techtonik:
> This is the most unfortunate. I wonder if it is possible to add a second
> layer of meta information about changesets when they are merged without
> breaking history link with original changeset?
You could setup a workflow where the reviewers sign changesets after review.
That would also reflect very well, what the code reviewers actually do.
To start it in a currently active project, get the maintainer to sign a given
release and then require everyone who accepts a pull-request to sign it.
To make that simpler, add a hook which enforces that all pushed heads are
signed:
http://code.google.com/p/hghooklib/wiki/CheckGpgSig
The effect is that
(a) You get a safer workflow (everything is signed with GnuPG)
(b) The reviewers get credit for what they actually do: Sign off changes
To make this more convenient it could be useful to have an extension which can
check from whoma given changeset was signed off: Just check for the
topologically next signature(s) after the changeset.
hg reviewer REV → who committed and signed the signature(s) for this REV
Best wishes,
Arne
--
Ein Würfel System - einfach saubere Regeln:
- http://1w6.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 316 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.mercurial-scm.org/pipermail/mercurial/attachments/20121218/f92d63d5/attachment.asc>
More information about the Mercurial
mailing list