Untrusted hgrc files, why report them?
mg at aragost.com
Fri Feb 25 10:52:49 CST 2011
Matt Mackall <mpm at selenic.com> writes:
> On Fri, 2011-02-25 at 10:40 +0100, Martin Geisler wrote:
>> Hi guys,
>> It's very rare that I'm working with a repository that I do not
>> completely own, but when I do, it's highly annoying to get the warnings
>> about untrusted config files.
>> Why do we even issue such warnings? It's not like I would expect my
>> Emacs to read another users's ~/.emacs file if I open a file inside his
>> home directory. So I would also not expect Mercurial to honor a .hg/hgrc
>> file belonging to another user.
> That's not an analogous situation: no tilde. The file you're talking
> about is the _repository_ configuration, so I think most people will
> in fact expect it to be honored.
Hmm, I see your point. I guess it's because I never work with a
repository shared like that, so I'm not really sure what I expect in
>> I suspect that most of us core developers never see the warning
>> because we always own our repositories. And I also suspect that when
>> users do see the warning, then it's only annoying and strange to
> Consider which is worse:
> - an obnoxious warning
> - users who get extremely frustrated trying to figure out why settings
> mysteriously aren't taking effect
Yeah, it's just that I've only seen the warning in situations where it
was annoying and never when it was useful :)
Professional Mercurial support
More information about the Mercurial-devel