[FFmpeg-devel] rebasing security
Timo Rothenpieler
timo at rothenpieler.org
Tue Aug 12 20:26:26 EEST 2025
On 8/12/2025 7:04 PM, Marton Balint wrote:
>
>
> On Tue, 5 Aug 2025, Kacper Michajlow wrote:
>
>> On Mon, 4 Aug 2025 at 23:38, Marton Balint <cus at passwd.hu> wrote:
>>>
>>>
>>>
>>>
>>> - Previously it was pretty clear from git history who actually committed
>>> a change from the comitter field. With using forgejo the comitter
>>> field no longer shows the person who actually *committed* the
>>> change to
>>> the main repo, but it is inherited from the original pull request
>>> commit
>>> instead, so it simply shows the original author of the patch.
>>
>> I don't think this is accurate. Committer field is set to the person
>> who clicks the "merge" button. Same as they would manually git push
>> the patches.
>
> Even if the merge is fast forward? Because there is a pull request I
> merged via forgejo, and committer was not updated:
> 09828e7fe214a28cacfb805605bd5b19041d1f68
It's the person who pushes the rebase-button.
If the merge is FF, rebase is skipped, and everything of the commit kept
in tact, since the hash doesn't change.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4742 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20250812/5b846d64/attachment.bin>
More information about the ffmpeg-devel
mailing list