SVN to Mercurial questions
Isaac Jurado
diptongo at gmail.com
Fri Feb 20 13:14:54 CST 2009
On Fri, Feb 20, 2009 at 6:27 PM, Jeff Squyres <jsquyres at cisco.com> wrote:
>
> Greetings all. We're considering moving our project (Open MPI) from
> SVN to Mercurial.
Great! MPI is the parallel programming model/library of the future :-)
Hopefully, with such a move, Mercurial will start to be known an
accepted in the scientific comunity.
> Is there any similar way to make hg cache the HTTP(S)
> username/password so that I don't have to type it 20 times a day?
AFAIK, you can issue the user/pass in the URL directly, like so:
https://user:pass@host/path
Therefore, if you don't mind storing passwords in clear text, you can
save that url in the [paths] section of the hgrc.
> 2. We want to allow random anonymous hg pulls (via HTTP; no need for
> HTTPS here), but only allow authenticated developers to push (via
> HTTPS). What's the best/recommended way to configure this?
>
> [...]
>
> - Is there magic Apache configuration that can be used (perhaps
> via Limit) that would not allow hg pushes via HTTP, and only allow hg
> pushes via HTTPS? E.g., if we Limit POST on the HTTP vhost, will that
> effectively disable hg pushes via hgwebdir.cgi?
Certainly, the HTTP(S) request is first handled by the Apache server,
then (if acceptable) forwarded to the Mercurial (WS)CGI script. So the
Limit and Limit-Except Apache directives should work. In my case it
works in order to require autentication for push, but not for pull.
Another option is to have different URLs for push and pull. For
example:
https://host/push/path
http://host/public/pull/path
And then choose one of the many possibilities: ModRewrite, symbolic
links, multiple copies of the hgweb.cgi script (sharing the same
repositories and runtime but different hgrc), etc.
The fact of having two kinds of default paths ("default" for pull and
"default-push" for push, indeed ;-) could be the indicator of doing it
the right way
> Not trusting file /scratch/hg/push-test/.hg/hgrc from untrusted
> user jsquyres, group openmpi
>
> This warning seems to occur whenever someone who is not the owner of
> that hgrc file tries to push or pull -- even if they're in the same
> group of the file (e.g., the openmpi group, listed above). Is there
> any way to "fix" this warning?
More information about the Mercurial
mailing list