[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Feature idea: user-configurable post-commit notifications

From: Branko Čibej <brane_at_xbc.nu>
Date: Fri, 23 Apr 2010 12:48:41 +0200

On 23.04.2010 11:45, Bert Huijben wrote:
>> -----Original Message-----
>> From: Greg Stein [mailto:gstein_at_gmail.com]
>> Sent: vrijdag 23 april 2010 0:57
>> To: Hyrum K. Wright
>> Cc: Subversion Development
>> Subject: Re: Feature idea: user-configurable post-commit notifications
>>
>> Write a hook script to do exactly that, and make it part of the
>> standard release.
>>
>> In some future release, after that script and its features stabilize,
>> *then* we can consider placing into into the core code.
>>
>> I fear the security aspects of something like you talk about: anybody
>> with commit access getting the server to issue a POST request to any
>> arbitrary URL *reachable* by the server? Oh ho ho... I can't even
>> begin to describe how many alarms that would trip with security
>> conscious administrators.
>>
> +1 on all of this.
>

*Shudder*. I'm not all that rabidly security-conscious but the very idea
raises the hair on the soles of my feet. Which is quite something
considering that I don't have any there.

Interestingly enough you do not even have to write a hook script that
does that. As long as your repository has any kind of subscribable
commit notification, e.g., uses mailer.py, you can trigger secondary
client-side notifications off of that.

-- Brane
Received on 2010-04-23 12:49:17 CEST

This is an archived mail posted to the Subversion Dev mailing list.