[aur-dev] Git repositories for AUR packages
supercodingmonkey at gmail.com
Tue Jun 24 03:32:11 EDT 2014
On Tuesday, June 24, 2014 03:20:08 PM 郑文辉 wrote:
> > Using Git hooks, the .AURINFO metadata of a package is parsed when
> > pushing and the AUR package database is updated accordingly. Hooks will
> > also take care of checking the tree objects for huge files etc. The
> > receive.denyNonFastForwards configuration option will be enabled to
> > prevent users from rewriting the history.
> Any thought on package history policy? Does the maintainer to be
> allowed to rewrite/alter the git history of package? As far as I know,
> git does not forbid this kind of things, so, what if a ill-intended
> guy replace the history of a package with his well-crafted history,
> and completely wiped out the change log of the original package? What
> is our pollicy or measures on this? From my point of the view, the
> history of a package is the essiential part of the AUR, which we can
> know hos the package is envolved and perfacted.
Just a quick note since the history rewrite question was answered already in
a section you quoted:
"The receive.denyNonFastForwards configuration option will be enabled to
prevent users from rewriting the history."
This was also brought up in the discussions leading to this   so if you haven't
read through them yet, I recommend it. Most edge-cases have already been
considered, so the answers to your other questions may be there.
More information about the aur-dev