Detect IP address of GitHub commit

joe mediocrity picture joe mediocrity · Nov 17, 2014 · Viewed 11.4k times · Source

i'm the owner of a few corporate github repositories. Lately we have been suspicious of a developer who may be enlisting outsourced help through his borrowed github identity (many 4am commits in batches). Is there a way on github.com to determine the source IP address of the committer? On the traffic page i can infer this info based on teh number of unique clones, but this is not enough data for us to validate our concerns.

Cheers, Joe Anonymous

Answer

SzG picture SzG · Nov 18, 2014

If this "individual", if I'm quoting your corporatese right, lets his subcontractors commit themselves to the official repo in his name without further precautions, then he is an idiot and deserves to be fired.

In this case, you probably don't even need the committer's IP address. The commit itself contains some very useful data:

git cat-file -p <suspicious-commit-id>

Will show the entire commit object. It will contain two lines like this:

author Foo Bar <[email protected]> 1398017575 +0200
committer Foo Bar <[email protected]> 1398017575 +0200

As you can see there is timezone info following the Unix-epoch timestamps. If you're on the East Coast in the USA, you should see something like -0500. If the subcontractors are in India, you'll see +0630 or something like that.

The "individual" has probably more sense than that. So the subcontractors push to his repo, then he rewrites history and pushes to the official repo. In the latter case, good luck.