[Koha-devel] git-bz: avoid storing unencrypted passwords in gitconfig

Julian Maurice julian.maurice at biblibre.com
Fri Jan 19 10:13:59 CET 2018 

+1 for using master branch instead of fishsoup (or at least make
fishsoup the default branch so we don't have to specify branch when cloning)

I see that you did retrieve the "git-credential" commit on fishsoup
branch (did you check that it continues to work for those that have
password in their gitconfig ? I did, but another check would be good),
but not the apply_on_cascade branch, why ?

Also, I have a suggestion for git-bz for which I would like to hear
other people opinion:
I think we should use Github/Gitlab/... (whatever platform that makes
easy for people to fork and create pull requests) and give push
permission to anyone interested in reviewing pull requests. That
suggestion also applies to our QA tools. I think that would ease and
encourage improvements. Any thoughts ?

Le 18/01/2018 à 19:38, Jonathan Druart a écrit :
> Very long standing issues, good to see it fixed :)
> I have picked the commit for the apply_on_cascade branch of my github repo.
> Maybe we should make it (apply on cascade + use-git-credential) the
> default and push it to the community/master(or fishsoup) branch.
> 
> By the way the fishsoup repo is 37 commits ahead from us :-/
> http://git.fishsoup.net/cgit/git-bz/
> 
> On Wed, 17 Jan 2018 at 07:14 Julian Maurice <julian.maurice at biblibre.com
> <mailto:julian.maurice at biblibre.com>> wrote:
> 
>     Hi all,
> 
>     I recently shared an LXD container containing my Koha dev environment,
>     and of course I forgot to remove my Bugzilla credentials from the git
>     config...
>     I immediately changed it, but for that not to happen again I searched
>     for a way to not have to store unencrypted passwords for git-bz.
> 
>     The result is here https://github.com/jajm/git-bz/tree/git-credential
> 
>     It uses git-credential, so you can theoretically use any password
>     manager you want, as long as you can write a git-credential helper for
>     it (I use the builtin 'cache' helper, which stores passwords in memory)
> 
>     I thought it might interest some people here.
> 
>     For more information, see the commit message at
>     https://github.com/jajm/git-bz/commit/efb06d8fe3033a83772d0294ab5f67c7f51eaf57
> 
>     --
>     Julian Maurice <julian.maurice at biblibre.com
>     <mailto:julian.maurice at biblibre.com>>
>     BibLibre
>     _______________________________________________
>     Koha-devel mailing list
>     Koha-devel at lists.koha-community.org
>     <mailto:Koha-devel at lists.koha-community.org>
>     http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-devel
>     website : http://www.koha-community.org/
>     git : http://git.koha-community.org/
>     bugs : http://bugs.koha-community.org/
> 

-- 
Julian Maurice <julian.maurice at biblibre.com>
BibLibre

More information about the Koha-devel mailing list