Each commit on GitHub is associated with three people: its author, its committer, and its pusher.
You author a commit when you make changes to files in a repository. You commit a commit when you apply the changes to the repository's history. You push a commit when you send those changes from the local repository on your computer to the remote repository on GitHub.
Often, a commit will be authored, committed, and pushed by the same person... but not always! Continue reading to learn how these roles are different and what to do if any one of them looks wrong on GitHub.
You author a commit when you make changes to files in a repository. Usually, that means writing code! An author is identified by both a name and an email address, like
Laura Coursen <firstname.lastname@example.org>.
If you're working locally, you can tell Git who authored a set of changes by using the
--author flag with
git commit. If multiple people contributed to a set of changes, you can add one or more
Co-authored-by trailers to the commit's message to give them all credit. For more information, see "Creating a commit with multiple authors." If you don't specify any authors, the
user.email from your local Git configuration will be used by default.
If you're working on GitHub and haven't enabled Keep my email address private, we'll use the name in your profile settings and your primary email address as author information by default, but you can choose to use any other verified email address in your GitHub account each time you make a change. If you do have Keep my email address private enabled, the private email address provided by GitHub will be used instead. For more information, see "Setting your commit email address on GitHub."
Whether you work locally or on GitHub, we use the email address(es) from this author information to associate GitHub accounts with commits in most places on our site, including contributions graphs and the commits list:
If you see a different person than you expected in either one of these places, check the author information for the commit. Locally, you can use
git show <SHA>:
lecoursen$ git show 9b8a3a03b6de3581a86d55d4fbf586cbf3d7218c commit 9b8a3a03b6de3581a86d55d4fbf586cbf3d7218c Author: Laura Coursen <email@example.com>
On GitHub, you can add
.patch to the end of the commit URL:
From 9b8a3a03b6de3581a86d55d4fbf586cbf3d7218c Mon Sep 17 00:00:00 2001 From: Laura Coursen <firstname.lastname@example.org>
Note: This means that the email address used to author a commit can be seen by anyone with access to a repository, which is everyone on the internet for public repositories! If you don't want your personal email address in your commits, you can use the private email address provided by GitHub instead. For more information, see "About commit email addresses."
For steps to fix this commit and prevent future commits from being misattributed, see "Why are my commits linked to the wrong user?"
After you make changes to files, you need to apply those changes to the repository's history. The committer is the person who most recently applied a set of changes. You're probably familiar with applying changes by creating a commit, using
git commit while working locally. In this case, the author and the committer are usually the same person.
Commits are not always committed by the author, though! When you work on GitHub.com, you're the author, but GitHub (
GitHub <email@example.com>) is the committer. You make the changes, and we apply them for you behind the scenes. To see this yourself, use
git show --pretty=fuller <SHA> to see the author and committer information for a commit you made on GitHub:
lecoursen$ git show --pretty=fuller 9b8a3a03b6de3581a86d55d4fbf586cbf3d7218c commit 9b8a3a03b6de3581a86d55d4fbf586cbf3d7218c (origin/master, origin/gh-pages, origin/HEAD) Author: Laura Coursen <firstname.lastname@example.org> AuthorDate: Fri Feb 9 10:10:17 2018 -0600 Commit: GitHub <email@example.com> CommitDate: Fri Feb 9 10:10:17 2018 -0600
On GitHub, you'll see the author(s) and committer in the commits list, if they're different:
The committer is especially important when using a GPG key to sign commits. When you add your GPG key to your GitHub account, signed commits will be verified so other people can trust that the changes really were applied by you, but only if the committer email address matches your GPG key and a verified email address on your GitHub account. For more information, see "Signing commits using GPG."
GitHub will automatically sign commits you make on GitHub.com using our own key. For more information, see "About GPG."
After making and applying changes locally, it's time to push those changes to GitHub. We determine the pusher of a commit by the credentials (username + password or SSH key) used to authenticate for the push. You must have at least Write permissions to push changes to a repository, but the changes you push could be authored or committed by anyone, regardless of their permissions. They don't even need to have a GitHub account!
There are many reasons to push changes you didn't author. Suppose you needed to remove sensitive data from your repository. This process requires rewriting your repository's history and force pushing sanitized commits to GitHub. Unless it's a solo project, this usually means pushing commits you didn't author.
So, don't worry if you see commits authored by someone who doesn't have Write permissions to your repository. They were definitely pushed by someone who does! (Again, see "Why are my commits linked to the wrong user?" for help figuring out why the author information is unexpected.)
On GitHub, you'll see the pusher of a commit in some notification emails and your news feed:
If the pusher you see is unexpected, check the credentials being used to authenticate for the push. First, use
git remote -v to check if you're pushing over HTTPS or SSH. If you see HTTPS URLs like
https://github.com/lecoursen/test.git, the other person's username and password is probably cached on your machine. If you're using OSX, see "Updating credentials from the OSX Keychain" for information about how to update or delete credentials in OSX Keychain. If you're using Windows, run this command to disable the credential helper:
git config --global --unset credential.helper
Then, follow the steps in "Caching your GitHub password in Git" to reset credential caching with the correct username and password.
If you see SSH URLs like
git@github:lecoursen/test.git, follow the steps in "Testing your SSH connection" to check which GitHub account your SSH key is associated with.
If you're still confused about the author, committer, or pusher of a commit on GitHub, contact the Support Team! We'll be happy to help.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.