Your example is foolproof, but there's always a bigger fool? How do you prove that your commits weren't made on company time? How do you prove that they weren't made on company laptops? How do you prove that you didn't include trade-secrets in your implementation of these libraries?
You can show that your commits were made at hours outside of office hours, you can show that the commits were made with your personal e-mail address, but lawyers can dispute it - Git commits are cryptographic proof only that someone (or if you signed them, someone with access to that private key) attested to those statements, and you do both those things on the company computers. You can show that all of the code is obvious, but lawyers can dispute it. A sufficiently foolish lawyer can dispute literally anything.
Don't work for places where you'd have a problem with this - Get explicit approval for you to spend company time working on open source libraries that are the proprietary interest of the company, but that you as an individual have a copyleft license to (Iff you don't care that you can't take them private later). Or work for a company that doesn't have such onerous terms in their employment contract.
yeah... somebody needs to always make sure not to be the bigger fool...
1) Git commits have timestamps.
2) Proving I did on company laptop is their onus. Innocent until proven guilty. ;-P
3) I do that. Along with randomisation of sample data. but yeah, you make a very important point in general. 99% of people get screwed on such things.
4) If I do something using company laptop, it is bound to be logged somewhere. All my git visits are also logged and archived for 10 years as per law. So proving I did it using company laptop is easy and it is them who have to prove it. And a foolish lawyer is a dream come true because then I can keep dismissing his every argument as wasting the learned court's time.
But yes, keeping things straight forward is always a better idea.
git commit --amend --date="Wed Feb 16 14:00 2011 +0100" --no-edit
Certain proponents of Fossil and Mercurial will tell you that this is an advantage of those systems - They're fooling themselves, because you can make those edits, there's just not nice tooling for them.
So I guess it works in my favor because I own the git repo.
There's always something, isn't it. I can change my git timestamps and the employer can change its server log timestamps if there's maleficence at either side. That's a completely different territory then.
You can show that your commits were made at hours outside of office hours, you can show that the commits were made with your personal e-mail address, but lawyers can dispute it - Git commits are cryptographic proof only that someone (or if you signed them, someone with access to that private key) attested to those statements, and you do both those things on the company computers. You can show that all of the code is obvious, but lawyers can dispute it. A sufficiently foolish lawyer can dispute literally anything.
Don't work for places where you'd have a problem with this - Get explicit approval for you to spend company time working on open source libraries that are the proprietary interest of the company, but that you as an individual have a copyleft license to (Iff you don't care that you can't take them private later). Or work for a company that doesn't have such onerous terms in their employment contract.