[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Updating the “pre-push” Git hook
|
From: |
Leo Famulari |
|
Subject: |
Re: Updating the “pre-push” Git hook |
|
Date: |
Tue, 26 May 2020 12:41:47 -0400 |
On Mon, May 25, 2020 at 01:13:16PM -0700, Vagrant Cascadian wrote:
> Wait a minute... you're saying this is something that needs to be
> configured on each committer's machine(s)?
Yes, it was recommended in HACKING and then, after we removed that file,
in the Commit Access section of the manual. We try to remind new
committers to read these files but maybe we forgot for you.
However, the security model does not depend on either it or on a
post-receive server hook. It's simply to prevent mistakes.
There are commits in the repo that are unsigned when they should have
been signed, and even one commit that is signed but that fails the
signature check :/
A simple pre-push hook would have caught that.
signature.asc
Description: PGP signature
- Re: Updating the “pre-push” Git hook, (continued)
Re: Updating the “pre-push” Git hook, Efraim Flashner, 2020/05/24
Heads-up: “pre-push” Git hook updated, Ludovic Courtès, 2020/05/29