Skip to content
This repository has been archived by the owner on Nov 9, 2017. It is now read-only.

Allow user to review attached .devassistant file when cloning with prep/custom #46

Open
tradej opened this issue Aug 8, 2014 · 0 comments
Open

Allow user to review attached .devassistant file when cloning with prep/custom #46

tradej opened this issue Aug 8, 2014 · 0 comments
Labels
enhancement

Comments

@tradej
Copy link
Member

tradej commented Aug 8, 2014

Simply executing an attached assistant could be a security risk. I think the user should be required to explicitly affirm their willingness to execute the .devassistant script attached to the upstream project before the actual execution, possibly with the option to review the sources. Alternatively, we could perform some sanity checks.
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@tradej