On 03/30/2013 04:10 PM, Jesus Cea wrote:
On 30/03/13 15:15, R. David Murray wrote:
This is the first time we've been in the situation of having a security-only branch in Mercurial (other than 2.7, which is its own head). So I don't believe we have articulated a procedure yet.
I am asking because the commit hook.
I expect patches will be few and far apart, so "somebody" could disable that hook just for committing those, when time comes. But I think would be interesting to actually think about it and document something now, even if we need to update it when we have real experience.
Something simple would be for the hook to refuse any commit in that branch UNLESS it is coming from the maintainer.
Security fixes will have to be coordinated with me anyway, so that is not a problem here. For example, whoever commits them can put them in a clone on hg.python.org, and I will pull them into the main repo.
Georg