为什么Mercurial不支持通过HTTP进行远程存储库创建? [英] Why doesn't Mercurial support remote repository creations over HTTP?

问题描述

我知道这是不是

I know it is not possible to create Mercurial repositories remotely using HTTP(S), for instance:

$ hg init https://host.org/repos/project

或

$ hg clone /path/to/local/project https://host.org/repos/project

但是，这是什么原因呢?安全问题?不需要吗仅仅是因为还没有人实现?

But, what's the reason? Security issues? No need for it? Simply because nobody has implemented it yet?

有关此问题的说明:在我公司中，我们通过HTTPS共享大多数资源，即访问权限仅由Apache管理，普通用户无法通过服务器上的SSH登录.只要只需要提供存储库，这就是完美的选择(为此，我们对hgwebdir.cgi感到满意).但是，我们还希望允许远程创建回购协议，而无需在服务器上维护其他/已修补的脚本以及在客户端上维护其他工具.

Rationale for this question: In my company we share most resources via HTTPS, i.e. access permissions are managed by Apache only and regular users cannot login via SSH on the server. That's just perfect as long as repositories need to be served only (for that purpose we are happy with hgwebdir.cgi). However, we also want to allow the remote creation of repos, without the need to maintain additional/patched scripts on the server and extra tools on clients.

要明确:此问题并不是针对我们特定问题的解决方案，而是Mercurial不支持此功能本身的原因.

更新

这是我正在考虑的情况的更详细的技术说明.假定hgwebdir.cgi在https://.../repos处的/path/to/repos中提供了一个存储库集合(启用了推入).每个被允许访问该URL(在Apache中配置)的用户都可以拉入和推入变更集，这实际上意味着hgwebdir.cgi(因此是hg)编辑和创建/path/to/repos以下的文件.现在，让hgwebdir.cgi在/path/to/repos下创建新存储库的障碍是什么?

Here's a more technical description of the situation I'm thinking of. Supposed hgwebdir.cgi serves a collection of repositories in /path/to/repos at https://.../repos (with pushing enabled). Every user allowed to access this URL (as configured in Apache) may pull and push changesets, effectively this means that hgwebdir.cgi (and thus hg) edits and creates files below /path/to/repos. Now, what's the barrier in letting hgwebdir.cgi also create new repositories below /path/to/repos?

推荐答案

我认为原因是增加对创建存储库的支持将带来相当大的负担:

I think the reason is that adding support for creating repositories will bring in a fair amount of baggage:

• 如果您可以创建存储库，则希望能够将其删除.尽管这看起来很简单，但与Mercurial正常工作的安全方式相比，还有很大的一步-标准Mercurial中没有破坏性命令.

• if you can create repositories you would expect to be able to delete them. While that might seem simple, it would be a big step away from the safe manner in which Mercurial normally works -- there is no destructive commands in standard Mercurial.

人们还希望编辑.hg/hgrc文件以设置描述和联系信息-标准Mercurial从不更改配置文件，因此这又是新事物.

people would also want to edit the .hg/hgrc files to set the description and contact information -- standard Mercurial never changes the config files, so this would again be a new thing.

人们还希望管理用户对新存储库的访问权限-这意味着编辑.htaccess文件或其他Web服务器的等效文件.

people would also want to manage users' access to the new repositories -- this means editing .htaccess files or the equivalent for other webservers.

...等等.实施此小"功能将为许多额外的功能请求带来便利，而我们只有少数Mercurial开发人员，同时也是锯齿状的Web开发人员.

... and so on. Implementing this "little" feature will open up for a lot of extra feature requests and we only have a few Mercurial developers that are also sawy web developers.

但是，现在有一个出色的开源解决方案: Kallithea 为您提供了一个微型Bitbucket"您可以在自己的服务器上进行部署.它将完成以上所有操作.如果我需要比普通hgweb.cgi更强大的功能，则可以将其安装在服务器上.它同时支持Mercurial和Git.

However, there is now an excellent open source solution: Kallithea gives you a "mini-Bitbucket" that you can deploy on your own server. It will do all of the above. I would install that on my server if I needed something more powerful than plain hgweb.cgi. It supports both Mercurial and Git.

这篇关于为什么Mercurial不支持通过HTTP进行远程存储库创建?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！