I'm working on the Git hooks (specifically the 'update' hook right now) and am trying to figure out what sorts of things we would want in a pre-commit (or pre-push, in the case of DVCSs) hook.
What I have now
For now, I have only been checking whether the user attempting to push has an account with the given repository. Combined with the "admin must approve accounts" setting on repositories, this seems good enough to be useful.
Do we want more?
I seem to recall there being restrictions on what branch and tag names were allowed in the CVS repository, since they were globally visible, but with one repository per project (for drupal.org), this would seem to be a non-issue.
Do we still want some sort of restriction on who can commit where, aside from membership with the repository? I can envision something like having certain users able to push to certain branches (this would apply more to DVCSs). This would allow for a style where there is a "master" branch, to which only the project admin has push access, but anyone can create other branches. That is what I'm planning on working on later (the item "Multiple project branches" on my project wiki), but is there anything else we would want?