Rough, unedited notes on the Drupal Cape Town meetup June 2017

Riaan Burger from Burtronix spoke on Git workflow and security.

Thanks to him and Amazee for their sponsorship :-)

Riaan's slides available here: http://slides.com/riaan-burger/a-secure-git-development-work-flow

PGP, GPG, GNU.

Trusted communications.

Signing commits.

GPG  

Trusted Identity

Biglumber and keybase.io

Keeping a master key and then a revocation key offsite.

Routes all traffic through TOR - can’t be profiled that easily.

Setting the right cipher for certificates and keys

Use-agent to cache password so you don’t have to enter it each time.

Scm_breeze gives you a bunch of shortcuts

Scmpuff rewritten in go to do the basics of scm_breeze (that's what they use).

Provides git aliases in the terminal

Then my notes that I posted in the slack channel regarding Git's --no-ff flag:

For those not in the slack channel, here's a simple explanation of Git's --no-ff flag when merging,: http://dev.bizo.com/2014/02/why...­

Then check the graphic and paragraph here: http://nvie.com/posts/a-success...­ - essentially it just makes it easier to identify a specific feature that has been merged into a branch and allows for easier rolling back or reverting of the feature. So maintains branch history if the ancestor from which the branch was made hasn't changed since the branch was created.

 

Tags