Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,463,405
Community Members
 
Community Events
176
Community Groups

Smart Commit Warning

Hi,

We want to enable smart commits in Crucible so that users can directly transition issues in the linked project in JIRA or create review while committing. 

However we have seen the following warning while enabling smart commits in Crucible administration.-- "When using Git or Mercurial, it is possible to commit under any username. Ensure you can fully trust your committers when using those systems."

Our repositories are hosted in Bitbucket and most users use Git clients.

Could some please suggest what exactly this means and what implications this could have ? For e.g. can a user who is having permission to commit in Stash but no permissions in the JIRA project be able to transition an issue while committing?


Thanks,

1 answer

1 accepted

1 vote
Answer accepted

This means that UserA can modify his git config settings in the next way:

Then using Smart Commits he can perform all possible operations as UserB (if UserB is authenticated with JIRA Software).

This sounds like a horrible security issue!

Suggest an answer

Log in or Sign up to answer
TAGS

Atlassian Community Events