Time data could/should be randomized (can still be ordered, but distribute regularly over the day). Couple this with pushing commits at random times in a defined timezone and you probably can get rid of most time leaks?
You want to make at least a 24 hour window of plausible commit time, which is constrained by the previous pull time (assuming it is from someone else and not obfuscated), and the push time.
I would push at midnight UTC that is at least 24 hours after the most recent pull and set commit time = push time.
This is great feedback. I will add some notes to the README and investigate some possible strategies for mitigating these information leaks. Thank you!
This seems to really be a pseudonym management tool, which is useful, but technically not anonymous.
A few information leaks still present:
* Timezone (narrows down location)
* Commit times (narrows down sleeping/working hours)
* SSH client version (shows Linux distro version and patch level)