git-shuffle

Randomize Git commit timestamps to enhance privacy

git clone https://git.8pit.net/git-shuffle.git

commits

2021-04-15 Fix function name in error message in randtime() Sören Tempel
2021-04-14 README.md: Update status Sören Tempel
2021-04-15 README.md: Add portability section Sören Tempel
2021-04-14 Use getentropy(3) instead of rand(3) Sören Tempel
2021-04-14 Use timegm instead of mktime and take offset into account Sören Tempel

Clone the repository to access all 52 commits.

git-shuffle

Randomize timestamps associated with Git commits to enhance privacy.

Motivation

Git associates timestamps with commits. These timestamps expose coding hours and thereby potentially violate ones privacy. This tool randomizes the hour of the day, as contained in these timestamps, to enhance privacy. The tool can be employed automatically for all Git repository through global githooks(5) (see below).

Status

I use this daily, works entirely fine for my purposes as is.

Installation

This software only requires libgit2. If libgit2 was installed successfully, compile this software as follows:

make

Afterwards, the software can be installed system-wide using:

make install

Usage

This tool can be invoked manually from a Git repository. For example, the following command would randomize timestamps of all unpushed commits on the master branch (i.e. behaves like git-rebase(1)):

$ git shuffle origin/master

However, it is likely desirable to automate this process through global githooks(5). For this purpose core.hooksPath will need to be set using git-config(1). Additionally, a post-commit hook must be created which amends the previously created commit. For example using:

$ git config --global core.hooksPath ~/.config/git/hooks
$ mkdir -p ~/.config/git/hooks
$ printf "#!/bin/sh\ngit shuffle -a\n" > ~/.config/git/hooks/post-commit
$ chmod +x ~/.config/git/hooks/post-commit

Program usage is described further in the provided man page.

Portability

This code requires getentropy(3) (which is available on Linux and OpenBSD but not mandated by POSIX) and timegm(3) and err.h which are also not mandated by POSIX but widely available on both Linux and BSD systems.

Related Work

The git-privacy utility shares the same goals but has way more configuration options and is thus more complicated. Furthermore, it doesn’t utilize libgit2.

License

This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/.