How to optionally reject commits from unknown committers?


#1

I am searching for a toggle for Git and possibly Mercurial repositories, where pushes containing commits from unknown committers (i.e. the email address not being linked to any user known to Phabricator) would be rejected. This would be to ensure a certain level of hygiene in the repository, making sure that each commit can actually be traced back to a specific project member.

In the long run this mechanism could be extended to require the committer to also sign the commit using PGP, and Phabricator verifying this signature against the PGP keys in the user’s profile. But this is not what this request is about.


#2

Try something like this:


#3

I tried this with "if all of: Committer does not exist" (instead of Author), and the rule does not trigger when I use random values for the committer email in the commit I push.

If I change this to "if all of: Committer does exist", the rule always triggers, even if I use random values for the committer email.

Our instance runs the code from week 2018/25, which should be the latest according to the ChangeLog.


#4

Can someone confirm this behaviour? Is this a bug or do I just misunderstand @epriestley’s suggestion?
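
For reference alongside the thread, an added example (not written by any poster and not Phabricator code): the check requested in the first post, written as a plain Git pre-receive hook in Python. The allowlist `KNOWN_EMAILS` and all function names are assumptions made for illustration.

```python
#!/usr/bin/env python3
# Pre-receive hook sketch (added example; all names here are assumptions):
# reject a push if any new commit has a committer email outside a known set.
import subprocess
import sys

# Constructed allowlist; a real deployment would load known user emails
# from its account directory instead of hard-coding them.
KNOWN_EMAILS = {"alice@example.com", "bob@example.com"}

def rev_range(old, new):
    """Revision arguments selecting the commits a ref update introduces."""
    if set(new) == {"0"}:      # all-zero new id: ref deletion, nothing to check
        return None
    if set(old) == {"0"}:      # all-zero old id: new ref, skip commits already present
        return [new, "--not", "--all"]
    return [f"{old}..{new}"]

def git_log(args):
    """Return '<sha> <committer email>' lines for the given revision arguments."""
    return subprocess.run(["git", "log", "--format=%H %ce", *args],
                          check=True, capture_output=True, text=True).stdout

def unknown_committers(log_output, known):
    """Return (sha, email) pairs whose committer email is not in `known`."""
    known = {e.lower() for e in known}
    bad = []
    for line in log_output.splitlines():
        sha, _, email = line.partition(" ")
        if sha and email.strip().lower() not in known:   # empty email is rejected too
            bad.append((sha, email.strip()))
    return bad

def check_push(stdin_lines, known, log=git_log):
    """stdin_lines: '<old> <new> <ref>' lines, as git feeds them to pre-receive."""
    rejected = []
    for line in stdin_lines:
        old, new, _ref = line.split()
        args = rev_range(old, new)
        if args is not None:
            rejected += unknown_committers(log(args), known)
    return rejected

if __name__ == "__main__":
    offenders = check_push(sys.stdin, KNOWN_EMAILS)
    for sha, email in offenders:
        print(f"rejected {sha[:12]}: unknown committer <{email}>", file=sys.stderr)
    sys.exit(1 if offenders else 0)
```

The committer email is set by the client's own Git configuration, so a check like this enforces attribution hygiene rather than proving identity; that stronger guarantee is what the signature verification mentioned in the first post would add.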