[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Updating the “pre-push” Git hook
From: |
Vagrant Cascadian |
Subject: |
Re: Updating the “pre-push” Git hook |
Date: |
Mon, 25 May 2020 13:13:16 -0700 |
On 2020-05-24, Ludovic Courtès wrote:
> Efraim Flashner <address@hidden> skribis:
>> On Fri, May 22, 2020 at 10:44:48PM +0200, Ludovic Courtès wrote:
>>> Hello Guix!
>>>
>>> I think we should change our pre-push hook as shown below.
>>>
>>> Thoughts?
...
>> (ins)efraim@E5400 ~$ type -P make
>> (ins)efraim@E5400 ~$ command -v make
>>
>> I'd need to run 'guix environment --ad-hoc make -- git push'
>
> You’d need to run ‘git push’ from a full Guix development environment.
> Do you think it could be a problem?
Wait a minute... you're saying this is something that needs to be
configured on each committer's machine(s)?
Shouldn't it be on the server-side recieve hooks instead, otherwise
someone might accidentally (or intentially) push commits not
appropriately signed to the repository or validated by this check...
Or is this an optional check for recommended for committers? Have I been
missing something all along that I was supposed to be doing?
For my own workflow, I usually do not (yet) sign or push commits from a
machine with guix installed... it's a bit awkward, admittedly, but I
don't yet have any SSH or OpenPGP keys I trust guix with directly
(ironically, "make authenticate" is working towards addressing exactly
that trust issue).
live well,
vagrant
signature.asc
Description: PGP signature
Re: Updating the “pre-push” Git hook, Efraim Flashner, 2020/05/24
Heads-up: “pre-push” Git hook updated, Ludovic Courtès, 2020/05/29