Speaking at KCDC

Last week I had the pleasure of speaking at the Kansas City Developer Conference (KCDC). I had one talk and one workshop: Application security from start to finish (handout) Hands-on workshop GitHub Code to Cloud (handout) You can download the handouts from the links above. If you attended one of my sessions and want a free copy of my book – ping me and I’ll arrange that. What is KCDC? KCDC is a community conference in Kansas City with more than 1,600 attendees. I has no singe-track keynotes but directly dive into the 15 parallel tracks. There are tracks about … Continue reading Speaking at KCDC

Should you require all developers to sign all local commits?

A discussion I have quit often is about the recommendation if companies should require all their developers to sign their commits locally or not. Here is my perspective on that matter. Background Git is very powerful and gives you the possibility to alter existing commits. But this also means, that the author of a commit is not necessarily the one that is committing the code. A commit has two fields: author and committer. Both fields get set to the values of user.name and user.email from git config plus a timestamp. If you rebase, for example, the committer changes to the … Continue reading Should you require all developers to sign all local commits?