[aur-dev] [PATCH 1/2] Emit warning when TUs use their supowerpowers to overwrite a pkgbase
eschwartz at archlinux.org
Fri Jul 21 04:13:39 UTC 2017
AUR_PRIVILEGED allows people with privileged AUR accounts to evade the
block on non-fast-forward commits. While valid in this case, we should
still provide a message saying that this happened, since in at least one
case ( https://aur.archlinux.org/packages/rtmidi/ ) a TU did this
without realizing there was an existing package.
Signed-off-by: Eli Schwartz <eschwartz at archlinux.org>
Similar to the warn_or_die function, except that doesn't take
alternative messages and there is no nice universal message here.
I think I prefer something that allows the TU to set whether they really
mean to perform a privileged TU action, since accidentally overwriting
something is kind of bad either way.
The follow-up patch implements this -- instead? alongside? Either patch
stands on its own, though I think I'd like to see both.
aurweb/git/update.py | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/aurweb/git/update.py b/aurweb/git/update.py
index c9a98d0..3b9ff97 100755
@@ -258,11 +258,14 @@ def main():
conn = aurweb.db.Connection()
# Detect and deny non-fast-forwards.
- if sha1_old != "0" * 40 and not privileged:
+ if sha1_old != "0" * 40:
walker = repo.walk(sha1_old, pygit2.GIT_SORT_TOPOLOGICAL)
if next(walker, None) is not None:
- die("denying non-fast-forward (you should pull first)")
+ if privileged:
+ warn("non-fast-forward push (are you absolutely sure you mean this?)")
+ die("denying non-fast-forward (you should pull first)")
# Prepare the walker that validates new commits.
walker = repo.walk(sha1_new, pygit2.GIT_SORT_TOPOLOGICAL)
More information about the aur-dev