[aur-dev] [PATCH v4] Require TUs to explicitly request to overwrite a pkgbase
lfleischer at archlinux.org
Tue Jul 25 18:12:41 UTC 2017
On Tue, 25 Jul 2017 at 05:31:19, Eli Schwartz wrote:
> AUR_PRIVILEGED allows people with privileged AUR accounts to evade the
> block on non-fast-forward commits. While valid in this case, we should
> not do so by default, since in at least one case a TU did this without
> realizing there was an existing package.
> ( https://aur.archlinux.org/packages/rtmidi/ )
> Switch to using allow_overwrite to check for destructive actions.
> Use .ssh/config "SendEnv" on the TU's side and and sshd_config
> "AcceptEnv" in the AUR server to specifically request overwrite access.
> TUs should use: `AUR_OVERWRITE=1 git push --force`
> Signed-off-by: Eli Schwartz <eschwartz at archlinux.org>
> INSTALL | 1 +
> aurweb/git/auth.py | 2 ++
> aurweb/git/update.py | 3 ++-
> doc/git-interface.txt | 6 ++++++
> 4 files changed, 11 insertions(+), 1 deletion(-)
Looks good. Queued, thanks!
More information about the aur-dev