Git Privacy
Follow the instructions in this document to obfuscate Git timestamps.
View Commit Timestamps
To view commit timestamps, run:
git log --format=fuller
Obfuscate Timestamps for Future Commits and Annotated Tags
For maximum privacy, set the author and committer dates to a clearly forged fixed date in UTC inside the interactive shell configuration:
export GIT_AUTHOR_DATE="2000/01/01T00:00:00+0000"
export GIT_COMMITTER_DATE="$GIT_AUTHOR_DATE"
To balance privacy and timestamp accuracy, set the author and committer dates to a coarse-grained date in UTC inside the interactive shell configuration:
export GIT_AUTHOR_DATE="$(date -u +%DT00:00:00%z)"
export GIT_COMMITTER_DATE="$GIT_AUTHOR_DATE"
Remember that shell environment variables do not change after being set, so dates update only after a new interactive shell is opened.
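To confirm that the settings above took effect, the following added example (not part of the original instructions) flags any commit whose author or committer date is not exactly midnight with a zero UTC offset. The function names are hypothetical; the input is what git log prints for the %aI and %cI placeholders.

```sh
#!/bin/sh
# Added example: flag commits whose dates are not midnight UTC.
# Input (stdin): one line per commit, "<hash> <author-date> <committer-date>",
# with dates in strict ISO 8601 as printed by git's %aI and %cI placeholders.

# Succeeds when a date is exactly 00:00:00 with a zero UTC offset.
# Git prints the zero offset as "+00:00" or "Z" depending on its version.
is_midnight_utc() {
    case "$1" in
        ????-??-??T00:00:00Z|????-??-??T00:00:00+00:00) return 0 ;;
        *) return 1 ;;
    esac
}

# Prints every date that leaks a precise time or a local UTC offset.
# Returns 0 when all dates are coarse, 1 when at least one leak was found.
find_precise_timestamps() {
    leaks=0
    while read -r commit adate cdate; do
        [ -n "$commit" ] || continue
        is_midnight_utc "$adate" || { echo "$commit author $adate"; leaks=1; }
        is_midnight_utc "$cdate" || { echo "$commit committer $cdate"; leaks=1; }
    done
    return "$leaks"
}

# Audits the repository at path $1 (default: current directory).
audit_repo() {
    git -C "${1:-.}" log --format='%H %aI %cI' | find_precise_timestamps
}
```

Run audit_repo /path/to/repo before pushing; a non-zero exit status means at least one commit still carries a precise time or a local offset. Tagger dates of annotated tags are not covered by this check.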
Obfuscate Timestamps for Future Digital Signatures
For maximum privacy, create a wrapper script for GnuPG with a fixed timestamp set between when the signing key was generated and the current date:
#!/bin/sh
gpg --faked-system-time "<iso>!" "$@"
See gpg(1) for valid <iso> formats.
To balance privacy and timestamp accuracy, create a wrapper script for GnuPG with a coarse-grained timestamp in UTC set after the signing key was generated:
#!/bin/sh
gpg --faked-system-time "$(date -u +%Y%m%dT000000)!" "$@"
Set the script as executable:
chmod +x /path/to/custom-gpg.sh
Tell Git to use the new script:
git config --global gpg.program /path/to/custom-gpg.sh
Obfuscate Timestamps for Existing Commits and Annotated Tags
TODO: Demonstrate how to retroactively rewrite Git timestamps for existing commits and annotated tags.
Obfuscate Timestamps for Existing Digital Signatures
TODO: Demonstrate how to retroactively rewrite GnuPG timestamps for existing signed commits and signed annotated tags.
Forges
To prevent forges from tracking Git push times, create a cron job that pushes the repository at fixed intervals:
0 6 * * * git -C /path/to/repo/ push origin master
License
This file is licensed under CC-BY-SA 4.0.