[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: dist-git proof of concept phase 2 ready for testing

On Sun, 2009-12-20 at 19:31 -0800, Jesse Keating wrote:
> On Sun, 2009-12-20 at 10:28 +0100, Hans Ulrich Niedermann wrote:
> > Currently, it appears that I can push arbitrarily named branches, at
> > least if the package does not have per branch ACLs:
> > 
> Yes, that makes sense given the way the ACL system works, it just wasn't
> fully expected by me.  A small change to the ACL generation script will
> make sure that this sort of loophole is closed.

This has been done.  The way the ACLs now work, if you are a packager,
you can create branches in any package that start with "private-".  This
makes it even easier to pass changes around as you can tell the
maintainer to pull from or merge from a private branch you've created.

Nobody should be able to create any branches that do not start with

If we wanted to lock this down more, and only allow you to commit to a
private- branch only if you already have write access to some other
branch (F-12, master, EL-5, whatever) then I'll have to add more logic
to the ACL generation tool.  But for now, I like the freedom we have.

We'll make sure that the buildsystem will not allow any official
(non-scratch) builds to happen from a private-* branch.

Jesse Keating
Fedora -- FreedomĀ² is a feature!
identi.ca: http://identi.ca/jkeating

Attachment: signature.asc
Description: This is a digitally signed message part

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]