Re: pre-commit hook to check syntax

To: "Florian Weimer" <fw@deneb.enyo.de>
Cc: debian-security-tracker@lists.debian.org
Subject: Re: pre-commit hook to check syntax
From: "Thijs Kinkhorst" <thijs@debian.org>
Date: Thu, 30 Aug 2007 15:43:31 +0200 (CEST)
Message-id: <[🔎] 50097.145.92.27.26.1188481411.squirrel@wm.kinkhorst.nl>
In-reply-to: <[🔎] 87ir6xwaxd.fsf@mid.deneb.enyo.de>
References: <[🔎] 200708281346.54987.thijs@debian.org> <[🔎] 87ir6xwaxd.fsf@mid.deneb.enyo.de>

On Thu, August 30, 2007 12:53, Florian Weimer wrote:
> * Thijs Kinkhorst:
>
>
>> svnlook cat -t "$TXN" "$REPOS" "$file" > $tmpfile cd
>> /home/groups/secure-testing/repo
>> python bin/check-syntax CVE $tmpfile
>
> I could change check-syntax so that it can read the data from standard
> input.  This might eliminate the need for a temporary file.

If you wish... I don't think it's essential but would of course make the
process less complex.

> I suppose the /home/groups/secure-testing/repo working copy is not
> updated automatically.  I'm not sure what the consequences are when any
> committer can execute arbitrary code on alioth.

The checkout is only needed for the check-syntax script, so the checkout
needs only be updated if that script (or the libraries) are updated.

Any commiter can already log in by SSH to Alioth and execute code there. I
don't think that adding this is significantly different from the current
setup.

Thijs

Reply to:

Follow-Ups:
- Re: pre-commit hook to check syntax
  - From: Florian Weimer <fw@deneb.enyo.de>

References:
- pre-commit hook to check syntax
  - From: Thijs Kinkhorst <thijs@debian.org>
- Re: pre-commit hook to check syntax
  - From: Florian Weimer <fw@deneb.enyo.de>

Prev by Date: Re: pre-commit hook to check syntax
Next by Date: Re: pre-commit hook to check syntax
Previous by thread: Re: pre-commit hook to check syntax
Next by thread: Re: pre-commit hook to check syntax
Index(es):
- Date
- Thread