[Zope-dev] Re: http access to svn repos?
Jim Fulton
jim at zope.com
Tue Mar 7 10:32:33 EST 2006
Tres Seaver wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Chris Withers wrote:
>
>
>>Would anyone be averse to making anonymous http checkouts possible from
>>zope.org?
>>
>>Some of us are behind annoying proxies that won't let svn through :-/
>
>
> At one point, enabling the 'http:' checkout gateway was a sure-fire
> recipe for getting SVN's knickers in a twist, which is why we disabled
> it. Or maybe that was ViewCSV.
Actually, it was BekeleyDB. :)
The main obstical was that it required apache 2 and, at the time
we were running apache 1 and I didn't want to spend the time
figuring out the apache access.
> In any case, I would guess that you might persuade folks to allow
> DAV-based checkout (which is what svn-over-http is), but you are likely
> to have to write it up as a proposal, including specific information
> about the Apache / SVN configuration changes required.
>
>
>>PS: https write access would be nice, but I guess that's out of the
>>question?
>
>
> Yes, definitely. The answer is the same as when you asked for it two
> years ago (: the WebDAV stuff is slow (which may be a reason not to
> allow annonymous http: checkouts, too), and the credentials mechanism is
> built entirely around the contributor's SSH key..
I would support HTTP anonymous checkouts. I'm really against
writable HTTP checkouts because I consider the credentials
mechanism for HTTP access to be extremely lame. Despite out
lame program for uploading keys, I find the ssh-based access
mechanism to be far more usable and secure.
Jim
--
Jim Fulton mailto:jim at zope.com Python Powered!
CTO (540) 361-1714 http://www.python.org
Zope Corporation http://www.zope.com http://www.zope.org
More information about the Zope-Dev
mailing list