How do you authenticate the identity when people are submitting patches between two repositories running on two different servers?
How do you authenticate the identity when people are submitting patches between two repositories running on two different servers?
There's a federated identity spec and implementation: https://github.com/gitsocial-org/gitsocial/blob/main/documen.... For GH/GL, just an api call to verify signature, for custom domains, it's .well-known/gitmsg-id.json