Anonymous contributions with git

I’ve been playing around with the idea of how to make anonymous contributions to open source software.

Let us say that you want to contribute to a project, but it is not something you necessarily want to be associated with. The git tree will (probably) last for the next 10+ years, probably enough that it could influence your career options.

The project could be the tor project, or maybe metasploit? Really anything above average controversial, but you might want that job at $risk_averse_bank later on.

First of you would start out with setting your username and email in your cloned copy. git config user.email anonymous@example.com, and git config user.name Anonymous. Cool, future commits are not made as the default user/email, but overridden inside this repository.

But how do you get that golden patch set you’ve written upstream?

git format-patch + email to the development list (if it exists) is a possibility. I haven’t looked into sending anonymous emails for quite a while, but I suspect it isn’t trivial to get it right.

You can pastebin the patches somewhere, and somehow ask the developers to merge it.

All in all, this is probably things that can be solved. A bit of research, maybe a bit of tor, and it is all good. Or at least gives sufficient anonymity for fixing that typo in a readme file somewhere.

But it is cumbersome. You just want to fix that typo. The sweetness of the github fork+fix+pullrequest is that it is very low effort for the contributer.

So I’ve bounced the idea around to friends and coworkers, to see if someone feels this need and how it can be solved without burdening the commiter to badly. There are two ideas on the table;

1. Implement some sort of extra transport inside git that takes a repository name, hashes it, finds some public storage (think DHT) out there and pushes in that direction. Ignoring the bad connotations, this might just be freenet all over again. The storage network can be community driven, tends to the DHT and syncs git trees back and forth for robustness/reliability. If the user needs extra anonymity, use tor to do the pushes. (this needs more work)

2. Make an open github-style push target that just accepts any repository. Push to git://anongit.com/$RANDOM/. If the tree isn’t there, the service runs git-init and accepts. Go to http://anongit.com/$RANDOM/ and get a github/gitweb(uh) style web page for your (secret) repo. The web page also has a list of commiters (from the git log), and users of the web interface can ask the service to send a pull request over email for you.

Implementing #2 shouldn’t be too hard, but running one of these servers over time might be. (abuse, takedown notices..) Doing #1, perhaps with .onion services inside tor might work, but requiring tor for access makes things more complicated for the user.

Are there more options you can think of?

Things that might influence that I haven’t touched into in this post; 1) do upstream devs really want to accept patches from clearly anonymous sources? 2) should it be anonymous <anonymous@example.com>, or something less conspicuous? 3) should the commit time stamp be changed to 1970? 4) writing style/text analysis of the commit message might give you away. 5) maybe people only send pull requests for the fame. In that case anonymous commits doesn’t apply well.
This entry was posted in stuff and tagged , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s