[MERGE][RFC] Enhanced hooks

John Arbash Meinel john at arbash-meinel.com
Wed Feb 6 21:14:16 GMT 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Robert Collins wrote:
| On Wed, 2008-02-06 at 07:53 -0600, John Arbash Meinel wrote:
|>
|> Consider, one solution would be to require hooks to be gpg signed,
|> and
|> then give a list of keys that you are willing to trust the hooks. It
|> would be possible, but it really starts adding a lot of complexity. I
|> think it is far easier to have someone install the
|> "site-configuration
|> for company Foo" plugin.
|
| I think the right answer for getting centralised config is having the
| hooks installed on a server, and requiring bzr+ssh access be used to
| that server.
|
| This avoids all the security issues (the client does not run the hooks),
| an deployment and versioning issues.
|
| -Rob
|

Well, if you want people to conform to a given commit message template,
even when they are working on a plane....

There are certainly lots of different use cases. I agree that having a
central machine do some of the work is a decent solution. It certainly
shares some ideas with our PQM model.

John
=:->
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (Cygwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFHqiMoJdeBCYSNAAMRAvUaAJ4xNnN5It/EWD9XyS8kqDmKxZ4L8gCgoJN2
+m+UC1JUrw2vXgIdvffSg1E=
=hcKs
-----END PGP SIGNATURE-----



More information about the bazaar mailing list