Re: [PATCH] Add support in sample hook script for denying annotated tags.

["Boyd Stephen Smith Jr." <bss@iguanasuicide.net>]

[-- Attachment #1: Type: Text/Plain, Size: 2408 bytes --]

In <20101031202433.GB21240@burratino>, Jonathan Nieder wrote:
>Boyd Stephen Smith Jr. wrote:
>> Signed-off-by: "Boyd Stephen Smith Jr." <bss@iguanasuicide.net>
>> ---
>> 
>>  templates/hooks--update.sample |    9 +++++++++
>>  1 files changed, 9 insertions(+), 0 deletions(-)
>> 
>> In one project I'm in we are using a centralized Git repository that many
>> developers have access to.  As such, we want to prevent tags from being
>> created by push operations and have them created by the administrators.
>> 
>> This is a modification to the sample update hook to allow this to simply
>> be a configuration option.
>
>This kind of justification belongs above the "---", I think.

Eh, poop.  I wasn't sure were it went since it's been so long since I sent a 
patch in.  I thought only the "commit message" went above the "---" and my 
explanation seemed a bit over-long for a commit message.

I'll STFW next time and get it correct; I'd like to make it easy to use git am 
or git apply on the mail so that it is easier to review.

>No opinion on the functionality itself.  Just:
>> --- a/templates/hooks--update.sample
>> +++ b/templates/hooks--update.sample
>> @@ -7,6 +7,9 @@
>> 
>>  #
>>  # Config
>>  # ------
>> 
>> +# hooks.allowannotated
>> +#   This boolean sets whether annotated tags will be allowed into the
>> +#   repository.  By default they won't be.
>
>hooks.denyannotated (defaulting to false) would be more consistent
>with hooks.denycreatebranch, no?

Most of the flags were allow* and that seems to be a better way to approach 
access restrictions like this.  denycreatebranch is the odd one out, and I was 
considering a patch that would change it to an allow* as well.

Still, I'm happy to change the new flag to a deny* if there's consensus that 
it is better implemented that way.

>Or maybe hooks.denycreatetag --- 

That's probably better if you think of this as being analogous to 
denycreatebranch.  When I wrote the patch I was thinking of this flag as being 
analogous to allowunannotated.

>a situation in which unannotated
>tags should be allowed but annotated denied seems hard to imagine.

Agreed.
-- 
Boyd Stephen Smith Jr.                   ,= ,-_-. =.
bss@iguanasuicide.net                   ((_/)o o(\_))
ICQ: 514984 YM/AIM: DaTwinkDaddy         `-'(. .)`-'
http://iguanasuicide.net/                    \_/

[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 197 bytes --]