[MERGE][RFC] Enhanced hooks
Aaron Bentley
aaron at aaronbentley.com
Wed Feb 6 07:22:23 GMT 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Ian Clatworthy wrote:
> 1. Scripts to run when hooks are triggered can now be defined in
> configuration files. Multiple scripts can be given for each
> hook and each hook is named.
Until I read your wiki page, I did not realize you were contemplating
hooks in branch.conf. Since this file may be controlled by another
user, this opens the door to malicious activity. It's something I tried
very hard to guard against happening, which is why gpg_signing_command
cannot be specified in branch.conf.
Should anyone pursue the idea of configuration files, I strongly suggest
that branch.conf be considered untrusted by default.
Aaron
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFHqWAv0F+nu1YWqI0RAi53AJ9kW3KT2ypZIKToBgueRQQcxDuWMgCeNlwm
LYpYpzIpGMFfmywOIz8G6zo=
=Te0w
-----END PGP SIGNATURE-----
More information about the bazaar
mailing list