>>>>> On Sat, 28 Oct 2017, Michał Górny wrote: >> > The Manifest files can also specify ``IGNORE`` entries to skip >> > Manifest verification of subdirectories and/or files. Files and >> > directories starting with a dot are always implicitly ignored. >> > All files that are not ignored must be covered by at least one >> > of the Manifests. >> >> Do we need to keep that implicit ignore rule? Rather, convert it >> to being always explicit. >> >> There is only one such file in the rsync checkout presently: >> metadata/.checksum-test-marker (see bug #572168, it is used to >> detect mis-configured mirrors). >> >> A SVN or Git repo might also have dot-named directories.
> I like the implicit idea better as it is more consistent with normal > tool behavior, like 'ls' not listing the files. Dotfiles can be > created by many random tools or even the filesystem (especially in > some cases of overlay filesystems). Other tools like "find" don't special-case dot-prefixed files though (in fact, "ls" may well be the exception there). Implicit ignores only create an unnecessary attack surface. Better make them explicit, even if this will require adding some entries for common cases (like .git in the top-level dir). Ulrich
pgpDLb36ye2cA.pgp
Description: PGP signature
