by namose
1401 days ago
It’s important for auditability and security that people can’t change commit ids from under you. If you run a security review of commit A and decide it’s safe to automatically deploy on your production systems, you’re only doing that because you know commit A can’t be changed.
A company can have a flag day, and keep a mapping of old hash to new hash for audit purposes.
I'm not saying do it willy-nilly, but repos are fundamentally below the humans and any needs they have. Blockchains say code is law, and a fork (see eth DAO) is a complete clusterfuck.
Scrubbing some PII you legally need to remove from the corp codebase? Some poking, yes, but not a disaster.
Whereas they say there's plenty of child porn in the Bitcoin blockchain.