Someone used git push --force but I can't tell who did it from the logs. Is there a way to identify the culprit?
How can I find out who force pushed in git?
Update Nov. 2018: if you are pushing to a centralized Git repository hosting service like GitHub, then you would be able to see who has forced push your branch. But only because GitHub has chosen to surface that event in its GUI.
See more at "Find committer of a force push on GitHub".
Original answer 2013:
As I mention in "Distributed Version Control Systems and the Enterprise - a Good mix?", there is no authorization or authentication with Git alone.
You need an authorization layer like Gitolite in order to keep track of who does what. (Gitolite comes with its own audit trail mechanism).
But if your repo is accessible through file (or local) protocol, then you cannot know who forced pushed.
(from motivationalgenerator.com, and wikipedia)
Using bitbucket. No record. Could it be done accidentally with some GUI tool that doesn’t bring up a dialog to warn the user? –
Apfelstadt
@Apfelstadt I confirm the record I mention above is for GitHub repository only. For BitBucket, a
push --force can be done from any number of sources, including a simple command line session. –
Monotheism If you are lucky enough to use GitHub or GitHub for Enterprise, you can have a look to the events REST API and check who/when Pushed/Dropped to the remote refs, example for log4j:
© 2022 - 2024 — McMap. All rights reserved.
git push --forcein a more secure way – Monotheism