Web lists-archives.com

Re: [PATCH 0/5] Multiple hook support




On Wed, Apr 24 2019, Jonathan Nieder wrote:

> Hi,
>
> brian m. carlson wrote:
>
>> I've talked with some people about this approach, and they've indicated
>> they would prefer a configuration-based approach.
>
> I would, too, mostly because that reduces the problem of securing
> hooks to securing configuration.  See
> https://public-inbox.org/git/20171002234517.GV19555@xxxxxxxxxxxxxxxxxxxxxxxxx/
> for more on this subject.

I hadn't noticed this E-Mail when I later wrote similar musings on the
subject:

https://public-inbox.org/git/87zi6eakkt.fsf@xxxxxxxxxxxxxxxxxxx/
https://public-inbox.org/git/874lkq11ug.fsf@xxxxxxxxxxxxxxxxxxx/

I.e. what I wanted out of it was an in-repository .gitconfig instead of
inspecting some some random repo with a .git/config.

But the problem to be solved is the same: The ability to carefully poke
a config file with a stick at a distance, and carefully whitelist which
parts of it (if any) you want to trust.