How to protect the identity of committers, when a git repository has several remotes?

Question

Our company has a project that we want to release as open source. The repository is hosted internally, and it contains a history that includes the names and emails of our team.

The open source project would be hosted on an external repository, Github. For illustration purposes, let us assume that the team members are Alice, Bob and Charlie, and the company name is ACME.

Is it possible to leverage git to to accomplish the following:

1. keep committing as Alice et al, with full transparency in our internal repo
2. when publishing code to the public repo, the commits should be squashed into one, as if they were made by a user called ACME (rather than Alice et al)
3. one of the team members,Bob, will act as a bridge between the internal and external repos. His responsibility is to work internally as Bob, and occasionally push the accumulated team-commits to the remote repo, as ACME.

The main idea is to withhold the identity of our colleagues, to protect their privacy. The external repository is there to allow others to contribute to the project, without letting them into our infrastructure.

The world should see that all the work done by the company was committed by ACME, and be unable to look at the history prior to the day the code was released as open source.

How can this be accomplished, or what are the alternatives we could consider?

Answer 1

The identity of a commit (or, for that matter, any object inside Git) is a cryptographic checksum of its contents. The contents of a commit include the author's and commiter's name and email addresses. If you make another commit that's otherwise exactly the same as a commit that has an un-obscured name and/or email address, but has the name and/or email address obscured, that other commit is a different commit.

The result is that you have two entirely different, and immiscible, repositories. This is a maintenance nightmare. It can be done, but it is definitely not worth doing.