Re: [RFC PATCH] hooks: add some defaults to support sane workflow to pre-commit

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Heiko Voigt wrote:
> This leads me to a completely different solution to the same problem.
> How about teaching git to inherit its hooks from the parental project
> (e.g. the one it was cloned from)? That way we are not limited to
> one default behaviour but many that would match the one from the
> upstream project.
[...]
> What do you think about that?

Three words: huge security hole.

Especially on cloning, where the checkout immediately afterwards
would already run the post-checkout hook, without any chance for the
user to inspect its contents.

The usual advice is to track the hooks in the repository, e.g., under
hooks/, and instruct the users to copy them to .git/hooks/ if they
want them.

-- 
Thomas Rast
trast@{inf,student}.ethz.ch

Attachment: signature.asc
Description: This is a digitally signed message part.


[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]

  Powered by Linux