diff options
| author |  anarcat <anarcat@web> | 2015-06-16 21:06:14 +0000 |
|---|---|---|
| committer |  admin <admin@branchable.com> | 2015-06-16 21:06:14 +0000 |
| commit | 4254d0a175db2f65a65cf5bbc7d7926f79ca73aa (patch) | |
| tree | 51e3deb949727cc9abbec069c7ca4e6e58edc3b9 | |
| parent | 8e9feaacdf1603ca40113d5f3e39d0b0f84686eb (diff) | |
sign and split out
| -rw-r--r-- | doc/todo/git-hook_to_sanity-check_git-annex_branch_pushes.mdwn | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/doc/todo/git-hook_to_sanity-check_git-annex_branch_pushes.mdwn b/doc/todo/git-hook_to_sanity-check_git-annex_branch_pushes.mdwn index d41ad3318..7eb02c3ff 100644 --- a/doc/todo/git-hook_to_sanity-check_git-annex_branch_pushes.mdwn +++ b/doc/todo/git-hook_to_sanity-check_git-annex_branch_pushes.mdwn @@ -35,4 +35,7 @@ This might be too limiting for some situations: And, it would add another UUID, which the second level of checking would need to be configured to allow. -I started doing an implementation of this in Python here. For technical reasons the git repo is not publicly available, but here's a [dump](http://paste.debian.net/232563/) of the code. I went through what seems to be a rather convoluted process with libgit there because I wanted to have some proper unit tests and generating git commands by hand in a shell script is rather painful.Also, it currently adopts a "blocking" approach, ie. it blocks known problems, but maybe it should be based on an "allow" approach, that is: only allow certain things to go through. So far it only forbids removals and changes to trust.log. A bunch of stuff is still missing like parameters (to allow changing the list of protected files) and checking the log tracking info. Feedback welcome. +Python implementation +--------------------- + +I started doing an implementation of this in Python here. For technical reasons the git repo is not publicly available, but here's a [dump](http://paste.debian.net/232563/) of the code. I went through what seems to be a rather convoluted process with libgit there because I wanted to have some proper unit tests and generating git commands by hand in a shell script is rather painful.Also, it currently adopts a "blocking" approach, ie. it blocks known problems, but maybe it should be based on an "allow" approach, that is: only allow certain things to go through. So far it only forbids removals and changes to trust.log. A bunch of stuff is still missing like parameters (to allow changing the list of protected files) and checking the log tracking info. Feedback welcome. --[[anarcat]] |