On 3 May 2012 02:00, Thomas Rast <trast@xxxxxxxxxxxxxxx> wrote: > Hilco Wijbenga <hilco.wijbenga@xxxxxxxxx> writes: > >>> Matthieu is *not* talking about auditing nastiness going into the >>> project's repository; he is talking is about a chance to audit whatever >>> comes from the project's repository that *could* potentially contain some >>> nastiness before it causes harm to your working environment. In other >>> words, not *having* to trust what is in the project's repository, but >>> having a way to verify. >> >> Perhaps these automatic hooks should only be applicable for "outgoing" >> changes like commit and push? That way you can review the hooks before >> they run but you still have a chance to prevent developer errors from >> getting to the server/other people (which is really all I care about, >> I am looking for a way to protect developers from making silly >> mistakes). > > Shouldn't those checks be made server-side with a pre-receive hook? Firstly, see my original email: we have no such access to the server. Secondly, (now that I've thought about it a bit more), it makes more sense to do it on the "client" instead of having the server do all the work for everybody. (Fail early, fail fast.) -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html