Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Deleted user
Level
0 / 0 points
Next:
badges earned

Your Points Tracker
Challenges
Leaderboard
  • Global
  • Feed

Badge for your thoughts?

You're enrolled in our new beta rewards program. Join our group to get the inside scoop and share your feedback.

Join group
Recognition
Give the gift of kudos
You have 0 kudos available to give
Who do you want to recognize?
Why do you want to recognize them?
Kudos
Great job appreciating your peers!
Check back soon to give more kudos.

Past Kudos Given
No kudos given
You haven't given any kudos yet. Share the love above and you'll see it here.

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Smart Commit Warning

Hi,

We want to enable smart commits in Crucible so that users can directly transition issues in the linked project in JIRA or create review while committing. 

However we have seen the following warning while enabling smart commits in Crucible administration.-- "When using Git or Mercurial, it is possible to commit under any username. Ensure you can fully trust your committers when using those systems."

Our repositories are hosted in Bitbucket and most users use Git clients.

Could some please suggest what exactly this means and what implications this could have ? For e.g. can a user who is having permission to commit in Stash but no permissions in the JIRA project be able to transition an issue while committing?


Thanks,

1 answer

1 accepted

1 vote
Answer accepted
Vitalii Atlassian Team Mar 23, 2016

This means that UserA can modify his git config settings in the next way:

Then using Smart Commits he can perform all possible operations as UserB (if UserB is authenticated with JIRA Software).

This sounds like a horrible security issue!

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Jira Service Management

ThinkTilt is joining the Atlassian Family!

This morning, Atlassian announced the acquisition of ThinkTilt , the maker of ProForma, a no-code/low code form builder with 700+ customers worldwide. ThinkTilt helps IT empower any team in their or...

415 views 19 23
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you