Not sure if this is the place to post this question, but I was wondering if anyone is aware of any apps which allow you to track your Git repo code base if it has been checked out on another user's computer. When I mean track, I mean prevent them from copying the software from their machine to anywhere else, etc. So far, from my experience working as a software engineer, I have just been handed a laptop from the company, but anyone can easily just take their work and create a duplicate of it.

Companies' IP does protect their code / DB, but then again, it's very hard to track if your back-end code base has been reproduced for someone else.

I apologize in advance if this has already been answered, but I could not find it on StackOverflow or the web thus far.

rahul singh Chauhan
Shivam
  • It is possible to create an evolution of git that does this. Some call such products: `Defective by design` – Marinos An Jul 12 '18 at 20:15

2 Answers

When I mean track, I mean prevent them from copying the software from their machine to anywhere else etc...

No, that does not exist for Git, or for any other source control system: once you have cloned/checked out a repository, nothing prevents you from copying it elsewhere.
That tracking mechanism would be implemented by a security team, but has nothing to do with Git itself.

What repository hosting servers (like GitHub for Enterprise, or GitLab) can provide is an audit trail of "who" (IP addresses actually) cloned a repo, but they won't know anything of a copy once the repo is cloned.

VonC
  • Appreciate your answer. Just want to hear from a few others to see if anyone else might have any ideas too. – Shivam Jun 29 '18 at 00:03

It's not possible to track what other people do once your code is cloned, but:

In case your code is compiled and you suspect someone of having used your IP without your permission, you can audit the suspected binaries with tools like:

  • binwalk: Focus on unpacking firmwares, but not much else
  • Binary Analysis Tool (BAT): generic framework for checks of files written by Armijn (does not support ubifs)
  • Checksums
  • License scanners
  • FOSSology: Integrated in openembedded
  • scancode: extracts licenses, copyright statements, json output
  • Ninka

After the audit you can send your lawyers against the company/developer who have used your code (without your permission).
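
The "Checksums" item in the answer above, as an added example that is not part of the original answer: it fingerprints the files of your own repository and reports files with identical content in a directory unpacked from the suspect artifact (for instance by binwalk). The function names, the `MIN_SIZE` threshold, the NUL-byte text heuristic and the sample files are assumptions constructed for illustration.

```python
import hashlib
import os
import tempfile

MIN_SIZE = 32  # assumption: skip tiny files (e.g. empty __init__.py) that match by chance

def fingerprint(path):
    """Return (SHA-256 hex, size) of a file; text is normalised first."""
    with open(path, "rb") as fh:
        data = fh.read()
    if b"\0" not in data:  # heuristic: treat as text, ignore CRLF vs LF and trailing spaces
        data = b"\n".join(line.rstrip() for line in data.splitlines())
    return hashlib.sha256(data).hexdigest(), len(data)

def index_tree(root):
    """Map fingerprint -> relative paths for files under root, skipping .git."""
    index = {}
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames[:] = [d for d in dirnames if d != ".git"]
        for name in filenames:
            full = os.path.join(dirpath, name)
            digest, size = fingerprint(full)
            if size >= MIN_SIZE:
                index.setdefault(digest, []).append(os.path.relpath(full, root))
    return index

def find_copies(own_root, suspect_root):
    """Return sorted (suspect_path, own_path) pairs with identical content."""
    own = index_tree(own_root)
    return sorted((p, o) for digest, paths in index_tree(suspect_root).items()
                  for o in own.get(digest, []) for p in paths)

def demo():
    """Run on constructed trees: a renamed CRLF copy, a tiny file, an unrelated file."""
    src = b"def price(qty, unit):\n    return qty * unit * 1.2\n"
    with tempfile.TemporaryDirectory() as own, tempfile.TemporaryDirectory() as sus:
        files = [(own, "calc.py", src), (own, "empty.py", b"\n"),
                 (sus, "vendor_calc.py", src.replace(b"\n", b"\r\n")),
                 (sus, "empty.py", b"\n"),
                 (sus, "other.py", b"print('unrelated code, nothing shared')\n")]
        for root, rel, data in files:
            with open(os.path.join(root, rel), "wb") as fh:
                fh.write(data)
        return find_copies(own, sus)

if __name__ == "__main__":
    for suspect, own in demo():
        print(f"{suspect} matches {own}")
```

Only verbatim or whitespace-level copies match this way; files with renamed identifiers or code that has been recompiled need the other tools in the list.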