| commit | c5302d3a33028f483cc2e01225226d4ae047dd4a | |
| author | Eli Schwartz <eschwartz@archlinux.org> | |
| Tue, 25 Jul 2017 03:31:19 +0000 (24 23:31 -0400) | ||
| committer | Lukas Fleischer <lfleischer@archlinux.org> | |
| Tue, 25 Jul 2017 18:12:11 +0000 (25 20:12 +0200) | ||
| tree | 9bc9895223019903b52124bca4b7c8c608f246cf | treesnapshot (tar.gz zip) |
| parent | 243fb92273de1c8bf5c938a62cb06bd198c97c4c | commitdiff |
Require TUs to explicitly request to overwrite a pkgbase
AUR_PRIVILEGED allows people with privileged AUR accounts to evade the
block on non-fast-forward commits. While valid in this case, we should
not do so by default, since in at least one case a TU did this without
realizing there was an existing package.
( https://aur.archlinux.org/packages/rtmidi/ )
Switch to using allow_overwrite to check for destructive actions.
Use .ssh/config "SendEnv" on the TU's side and and sshd_config
"AcceptEnv" in the AUR server to specifically request overwrite access.
TUs should use: `AUR_OVERWRITE=1 git push --force`
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
AUR_PRIVILEGED allows people with privileged AUR accounts to evade the
block on non-fast-forward commits. While valid in this case, we should
not do so by default, since in at least one case a TU did this without
realizing there was an existing package.
( https://aur.archlinux.org/packages/rtmidi/ )
Switch to using allow_overwrite to check for destructive actions.
Use .ssh/config "SendEnv" on the TU's side and and sshd_config
"AcceptEnv" in the AUR server to specifically request overwrite access.
TUs should use: `AUR_OVERWRITE=1 git push --force`
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
| INSTALL | diffblobblamehistory | |
| aurweb/git/auth.py | diffblobblamehistory | |
| aurweb/git/update.py | diffblobblamehistory | |
| doc/git-interface.txt | diffblobblamehistory |