Here is a collection of mailing list postings made by various people describing how they use Git in their workflow.

When a vulnerability is reported, we follow these guidelines to assess the vulnerability, create and review a fix, and coordinate embargoed security releases.

This how-to explains a method for keeping a project’s history correct when using git pull.

Imagine that Git development is racing along as usual, when our friendly neighborhood maintainer is struck down by a wayward bus. Out of the hordes of suckers (loyal developers), you have been tricked (chosen) to step up as the new maintainer. This howto will show you "how to" do it.

This is how-to documentation for people who want to add extension commands to Git. It should be read alongside api-builtin.txt.

In this article, JC talks about how he rebases the public "seen" branch using the core Git tools when he updates the "master" branch, and how "rebase" works. Also discussed is how this applies to individual developers who sends patches upstream.

In this how-to article, JC talks about how he uses the post-update hook to automate Git documentation page shown at https://www.kernel.org/pub/software/scm/git/docs/.

Some tricks to reconstruct blob objects in order to fix a corrupted repository.

Recovering a corrupted object when no good copy is available.

Sometimes a branch that was already merged to the mainline is later found to be faulty. Linus and Junio give guidance on recovering from such a premature merge and continuing development after the offending branch is fixed.

In this article, JC gives a small real-life example of using git revert command, and using a temporary branch and tag for safety and easier sanity checking.

In this article, JC describes how to separate topic branches.

An example hooks/update script is presented to implement repository maintenance policies, such as who can push into which branch and who can make a tag.

In this article, Sean demonstrates how one can use the subtree merge strategy.

Beginning v1.7.9, a contributor can push a signed tag to her publishing repository and ask her integrator to pull it. This assures the integrator that the pulled history is authentic and allows others to later validate it.