Find committer of a force push on github

Solution 1:

You can add a webhook to your Github repository and have it submit the push notifications to some server or a service like requestb.in.

The notification payload has a pusher key which identifies the Github user account used to push the update(s). This way you should be able to identify the "bad guy".

Edit: The payload also has a boolean forced key, which tells you if the even was --force pushed or not. It is not shown in Github's example payload [as of 2013-07-06], but visible in this other example.

Edit: This is only possible because Github is an integrated solution that identifies the pusher and provides that information in the webhook payload. Using a pure Git server (e.g. using only SSH for authorization) or a different Git serving solution (Gitolite, Gitlab, etc), this might not be possible. Git itself has no way of identifying the user who pushes (Git only saves user information in commit and tag objects), so this information has to be provided by the identification & authorization part of the connection (this can be SSH or HTTPS or the likes; it can also be completely missing, for example when pushing locally to a repo on the same file system).

Solution 2:

As GitHub just mentioned on twitter

Let the force (push) be with you.

Seriously.
Go ahead, force push to that branch

https://pbs.twimg.com/media/DsJIVxtU4AAreMW.jpg:large

The blog post "Force push timeline event" mentions:

When you force push to a branch, GitHub now displays the force push event in the “Conversation” timeline of your pull request.

Clicking the “force-pushed” link will show a two dot comparison between the two commits.