Paul Moore <p.f.moore at gmail.com> writes: > 2009/8/22 Martin Geisler <mg at lazybytes.net>: >> Oh, we try to be very paranoid in Mercurial :-) That's why you don't >> see any support for copying hgrc files when you clone and why hg wont >> trust hgrc files not owned by you: it should be safe to do >> >> cd ~collegue/src/python >> hg tip > > So, is the implication therefore that there would be resistance to > having some way of making a setting which *is* copied on clone, which > says that you can't commit in this repository unless you have the > following extensions enabled? It sounds somewhat invasive to forbid commits. Moreover, repository owners should remember that clients can do whatever they want, so this can only be a hint, never a requirement. I don't think this has been mentioned: When you clone you move history (changesets) only and I'm pretty sure you cannot even read the configuration settings over the "wire protocol". So cloning from a HTTP URL wont copy a setting found in the <repo>/.hg/hgrc file. This implies that the settings should live in a version controlled file. I think that is sensible under all circumstances. So if the win32text extension (horrible name, I agree... it should have been made more general and called eolconvert or something like that) would just read a configuration file from the repository, then all you should ask people is to enable win32text. > Or is the fact that it's only saying "you must have an extension > called win32text enabled" and not actually enabling code directly, > sufficiently secure to make it acceptable? It is definitely secure enough to be included. There should be a way to turn off those hints, though: I might want to clone the Python repository and play around with it without enabling win32text. -- Martin Geisler VIFF (Virtual Ideal Functionality Framework) brings easy and efficient SMPC (Secure Multiparty Computation) to Python. See: http://viff.dk/. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 196 bytes Desc: not available URL: <http://mail.python.org/pipermail/python-dev/attachments/20090822/6363d7f8/attachment.pgp>
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4