d633541ecc
Gerrit wants each commit message to include a unique identifier string in a special footer line, so provides a commit-msg hook to randomly generate and insert one. Traditionally, this file is served directly from each Gerrit server and users retrieve it via SCP or HTTPS to install a local copy in their clone of every repository. Retrieving this file over the network has historically presented a number of challenges: modern OpenSSH has deprecated the SCP protocol while the mina-sshd library Gerrit uses hasn't implemented compatible SFTP support, authentication failures can shadow some clearer error handling later in git-review's workflow leading to confusing error messages, and then there are the security concerns with needing to trust the Gerrit server to supply a script which will end up running locally on the developer's machine. In order to address these problems, making git-review more robust and secure, we embed a copy of the Gerrit upstream project's commit-msg hook in the client itself and write that to disk by default rather than pulling a remote copy. This approach does mean that the user will end up with a frozen version of the script contemporary with the git-review release they've installed (but its function is simple and the implementation has changed very infrequently). It may also break workflows for sites which rely on users retrieving a customized commit-msg hook. For those reasons, a command-line option is provided to restore the prior behavior. Change-Id: Ia26abc781a281817115cb1cafcd5e7b78b383e39 |
||
|---|---|---|
| .. | ||
| tests | ||
| __init__.py | ||
| cmd.py | ||
| hooks.py | ||