Can my Bitbucket.org users delete my code?

But could a programmer that's been added to the bitbucket.org repo then delete the previous versions?

What I'm trying to understand is.... if I add a programmer to my bitbucket.org repo, could they maliciously deprive me of my code? 

Hi Philip, you'll always have a local copy on your computer (or you should, as I'd imagine that's where you're working) so even if the other user deletes the code from Bitbucket you'll have your local version that you can upload to Bitbucket again.

If you don't trust that person but still need him to work with you, you could consider forking your repository so they don't directly work on your copy, or restrict his access to the master branch so you'll need to approve his changes before they are merged.

Hope that helps :) 

Ana

In the worst case your adversary (*cough* I mean colleague), if they have write permission to the repo, can "git push --force" anything to it and completely wipe it.

For example, they could use the "--mirror" option on git push to wreak havoc!

mkdir emptyDir
cd emptyDir
git init
git commit -m 'initial empty commit' --allow-empty
git push --mirror [url-to-your-repo]

If your repo allows force-pushes, that sequence of commands will essentially completely wipe out all branches so that all that remains is a single empty commit with nothing.  Of course you can restore from your own clone, but only up to the last time you fetched or pulled.

This is one reason why it's a good idea to setup branch permissions to forbid force-push against your master branch.  (Note: only admins can change branch permissions.)

Great, so you confirmed what I thought. But if that force-push wipes all branches, is there not an option to restore to previous version? Ie remove the malicious user and restore the last version?

I know very little about how these systems work but I am due to start a mini course next month. In the mean time pls pardon my basic questions.