DanConwayDev -- 49d Half right. Both clients and servers treat the git state on nostr as the authority. One grasp implementation (ngit-relay) uses git hooks to prevent pushes of incorrect state. 3 others implement there own http git server rather than git-http-backend. An ngit client won't download an incorrect state from a listed git server. This makes the trust relationship with git servers identical to that of nostr relays. grasp servers authorising a new state. Clients like ngit fetch the only the related data from listed servers. If a server has a d if repository git servers have a different state. Grasp servers prevent other use replyHalf right. Both clients and servers treat the git state on nostr as the authority. One grasp implementation (ngit-relay) uses git hooks to prevent pushes of incorrect state. 3 others implement there own http git server rather than git-http-backend. An ngit client won't download an incorrect state from a listed git server. This makes the trust relationship with git servers identical to that of nostr relays. grasp servers authorising a new state. Clients like ngit fetch the only the related data from listed servers. If a server has a d if repository git servers have a different state. Grasp servers prevent other use
thread · root 9676ce20…f47e · depth 2 · · selected 05576ea4…4829
thread
root 9676ce20…f47e · depth 2 · · selected 05576ea4…4829
nostr:nprofile1qqs2qzx779ted7af5rt04vzw3l2hpzfgtk0a2pw6t2plaz4d2734vngpz4mhxue69uhhyetvv9ujuerpd46hxtnfduhszrnhwden5te0dehhxtnvdakz7qgkwaehxw309ajkgetw9ehx7um5wghxcctwvshs3uw7mh, I was reading about ngit (finally).I have a question about securing a git repo...It looks like security is managed via git hooks exclusively? Otherwise the repo should be public and without anyauth?Is that right?
Half right. Both clients and servers treat the git state on nostr as the authority.One grasp implementation (ngit-relay) uses git hooks to prevent pushes of incorrect state. 3 others implementthere own http git server rather than git-http-backend.An ngit client won't download an incorrect state from a listed git server. This makes the trust relationshipwith git servers identical to that of nostr relays.grasp servers authorising a new state. Clients like ngit fetch the only the related data from listed servers. Ifa server has a d if repository git servers have a different state. Grasp servers prevent other use
nostr:nprofile1qqs2qzx779ted7af5rt04vzw3l2hpzfgtk0a2pw6t2plaz4d2734vngpz4mhxue69uhhyetvv9ujuerpd46hxtnfduhszrnhwden5te0dehhxtnvdakz7qgkwaehxw309ajkgetw9ehx7um5wghxcctwvshs3uw7mh, I was reading about ngit (finally).
I have a question about securing a git repo...
It looks like security is managed via git hooks exclusively? Otherwise the repo should be public and without any auth?
Is that right?