Re: Commit ID in exported Tar Ball

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, May 21, 2007 at 08:02:32AM CEST, Shawn O. Pearce wrote:
> Ren?? Scharfe <rene.scharfe@xxxxxxxxxxxxxx> wrote:
> > Shawn O. Pearce schrieb:
> > > 
> > > git-describe is more human-friendly than a SHA-1...
> > 
> > Yes, and the Makefile does even more than that: it adds a version file,
> > a spec file and another version file for git-gui.
> > 
> > The first two are probably useful for most projects that actually do
> > versioned releases.  We could have a simple parser that reads a
> > template, replaces @@VERSION@@ with a git-describe output string and
> > adds the result as a synthetic file to the archive.  It's not exactly
> > trivial -- e.g., how to specify git-describe options, template file and
> > synthetic name, all in one command line parameter? -- but it's doable.
> 
> Maybe something just as simple as allowing the user to specify a
> shell script in-tree that we unpack and run for them?  That script
> prints to stdout the content of the file to include.

Specify how? At the point of git-archive execution? At that point you
usually can append the file to the archive as well.

And if you make it somehow a "project default", that becomes a huge
security risk, since anyone who clones the project and runs git-archive
will execute aribtrary code on his account.

Besides, the original motivation for this were snapshots from gitweb.
Gitweb frequently does not run with the uid of the project owner, so
this becomes a security problem as well.

Maybe some kind of format-string in .git/config...

-- 
				Petr "Pasky" Baudis
Stuff: http://pasky.or.cz/
Ever try. Ever fail. No matter. // Try again. Fail again. Fail better.
		-- Samuel Beckett
-
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]

  Powered by Linux