I am searching for a toggle for Git and possibly Mercurial repositories, where pushes containing commits from unknown committers (i.e. the email address not being linked to any user known to Phabricator) would be rejected. This would be to ensure a certain level of hygiene in the repository, making sure that each commit can actually be traced back to a specific project member.
In the long run this mechanism could be extended to require the committer to also sign the commit using PGP, and Phabricator verifying this signature against the PGP keys in the user’s profile. But this is not what this request is about.