The Shibboleth project is migrating its source code repositories from the Subversion centralised version control system to the more modern and decentralised Git, see INFRA-106.

Anonymous Access

Public repositories may be accessed using the anonymous git protocol:

$ git clone git:// 

This access method supports git clonegit fetch and git pull. Making changes to the repository is not permitted.

The decentralised nature of Git means that as a non-committer, you can still work with a repository and develop on a local branch. Use techniques such as git rebase to keep your branch up to date with the upstream repository. See this section of the Pro Git book for tips.

If you develop code as a non-committer and would like to contribute it back to the project, please start a discussion on the development list. You will need to agree to the contribution policy before we can accept a contribution. You can then git rebase your branch one final time and submit changes using git request-pull.

Committer Access

Making changes directly to any of the Shibboleth project Git repositories can only be done by project committers. Full repository access is performed using the ssh protocol:

$ git clone 

We use the gitolite software to authenticate users using their SSH keys and to give each user appropriate permissions.

The current gitolite administrators are Ian Young and Scott Cantor. Contact a gitolite administrator if you need to add or remove an SSH key (you may have more than one, for example if you use separate keys for each workstation you use) or if your permissions appear to be incorrect.

You can find out which repositories you have access to, and the permissions you have over each using the info subcommand, as follows:

$ ssh info
hello iay, this is git@shibboleth running gitolite3 v3.6.2-18-gb6050a8 on git 2.3.4

     C	CREATOR/..*
 R W	some-repository
 R W	testing

This shows that the user iay has read and write access to the repositories some-repository and testing, as well as the ability to create new repositories using their gitolite user ID as a prefix, such as iay/another-repo or iay/folder/yet-another. You can read more about the facilities available from gitolite in this summary.

The testing repository is available to all authenticated users, as well as being visible through anonymous access using the git protocol.