Suppose a company has a large private GitHub repository. There are 200 GitHub accounts allowed to commit there. If it is discovered that the Git history of that private repo contains commits with suspcious code, obviously they were made by someone from the 200 allowed GitHub accounts. What if the rogue commiter specified an e-mail not known to the company (for example “firstname.lastname@example.org”) in the commit. How is it possible to discover original GitHub user of those rogue commits? From the GitHub UI, it is not possible to click on the user for that specific commit (from the list of all commits in a repo). Because the e-mail “email@example.com” is not tied to any GitHub user account. The e-mail is just meta information in a commit.
Up. This is still very relevant. Need help.