On Mon, 09 Sep 2013 22:48:42 +0000, Niels Basjes wrote: ... > However I can imagine that a malicious opensource coder can create a > github repo and try to hack the computer of a contributer via those > scripts. So having such scripts is a 'bad idea'. Given that half the repos out there are cloned to 'make install' in them...it's still a bad idea. > If those scripts were how ever written in a language that is build > into the git program and the script are run in such a way that they > can only interact with the files in the local git (and _nothing_ > outside of that) this would be solved. I still think this is a nightmare of maintenance. You'd need a restricted version of a language that doesn't allow access outside the repo (and no TCP either), and someone will always miss some module... Not that it wouldn't be cool, yet. ... > Like I said, this is just a proposal and I would like to know what you > guys think. I think there are generally two use cases: - Many people working on repos in an organization. Give them a wrapper script that does the clone (and also knows the clone URL already), that will set up hooks and configuration as needed. - github-style cooperation. Add a make hooks to your Makefile that sets up the hooks your project seems to want. After all, this is for the developers to pre-check what they will submit, so it is in their own interest to have (and cross-read) the hooks. Andreas -- "Totally trivial. Famous last words." From: Linus Torvalds <torvalds@*.org> Date: Fri, 22 Jan 2010 07:29:21 -0800 -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html