Re: [PATCH] push: deny policy to prevent pushes to unwanted remotes.


 



On 06 Jun 2016, at 16:00, Antoine Queru <antoine.queru@xxxxxxxxxxxxxxxxxxxxxxx> wrote:

> Hello Lars, thanks for your reply. 
>> 
>> 
>>> On 30 May 2016, at 06:45, Antoine Queru
>>> <antoine.queru@xxxxxxxxxxxxxxxxxxxxxxx> wrote:
>>> 
>>> Currently, a user wanting to prevent accidental pushes to the wrong remote
>>> has to create a pre-push hook.
>>> The feature offers a configuration to allow users to prevent accidental
>>> pushes to the wrong remote. The user may define a list of whitelisted
>>> remotes, a list of blacklisted remotes and a default policy ("allow" or
>>> "deny"). A push is denied if the remote is explicitly blacklisted or if it
>>> isn't whitelisted and the default policy is "deny".
>>> 
>>> This feature is intended as a safety net more than a real security, the
>>> user will always be able to modify the config if he wants to. It is here
>>> for him to consciously restrict his push possibilities. For example, it may
>>> be useful for an inexperienced user fearing to push to the wrong remote, or
>>> for companies wanting to avoid unintentional leaking of private code on
>>> public repositories.
>> 
>> Thanks for working on this feature. Unfortunately I won't be able to test and
>> review it before June 14. I am traveling without laptop and only very
>> sporadic internet access :)
>> 
>> One thing that I noticed already: I think a custom warning/error message for
>> rejected pushes would be important because, as you wrote above, this feature
>> does not provide real security. That means if a push is rejected for someone
>> in an organization then the user needs to understand what is going on. E.g.
>> in my organization I would point the user to the open source contribution
>> guidelines etc.
>> 
>> Thanks,
>> Lars
> 
> I might not understand what you've said, but I think this feature is already
> implemented in our version, with remote.pushDenyMessage. Is this what you're
> talking about?

You are right. I was skimming the diff on a very small screen and 
missed that for some reason. Sorry!
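
The rule from the quoted commit message (deny if blacklisted, or if not whitelisted and the default policy is "deny"), written as the kind of pre-push hook it mentions. This is an added example, not part of the thread or the patch; the `pushpolicy.*` config keys and the URL matching rule (exact or path prefix) are assumptions.

```sh
#!/bin/sh
# Added example: pre-push hook applying an allow/deny list to the push URL.
# The pushpolicy.* config keys are hypothetical, not the keys from the patch.

# in_list URL LIST -> 0 if URL equals a LIST entry or lies below it.
# LIST holds one URL per line (the output format of `git config --get-all`).
in_list() {
    url=$1
    while IFS= read -r entry; do
        [ -n "$entry" ] || continue
        # Quoted pattern parts are literal; "corp" must not match "corp-other".
        case $url in
            "${entry%/}"|"${entry%/}"/*) return 0 ;;
        esac
    done <<EOF
$2
EOF
    return 1
}

# push_decision URL DEFAULT ALLOW_LIST DENY_LIST -> prints "allow" or "deny".
# A blacklist match always denies; otherwise a whitelist match allows;
# otherwise the default decides. An unrecognised default fails closed.
push_decision() {
    if in_list "$1" "$4"; then echo deny
    elif in_list "$1" "$3"; then echo allow
    elif [ "$2" = allow ]; then echo allow
    else echo deny
    fi
}

# run_hook REMOTE_NAME REMOTE_URL (the arguments git passes to pre-push).
run_hook() {
    default=$(git config --get pushpolicy.default || echo allow)
    allow=$(git config --get-all pushpolicy.allow)
    deny=$(git config --get-all pushpolicy.deny)
    if [ "$(push_decision "$2" "$default" "$allow" "$deny")" = deny ]; then
        msg=$(git config --get pushpolicy.denyMessage)
        echo "push to $2 denied by push policy. $msg" >&2
        return 1
    fi
}

# Act only when installed as .git/hooks/pre-push; non-zero exit aborts the push.
case ${0##*/} in pre-push) run_hook "$@"; exit $? ;; esac
```

As with the proposed feature, this is a safety net: anyone who can edit the repository config or run `git push --no-verify` can bypass it.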



