Re: [fltk.general] Continuous integration: using Jenkins fornightlyFLTK builds
On 22.04.2012, at 04:07, Greg Ercolano wrote: > > You could probably passwd protect the job trigger, or > put it in the dev menu (which lets us trigger website updates), > or maybe you already have -- I haven't really looked into this > yet, my mind elsewhere at the moment. Yes, but then I have to start creating accounts. We will see, if adding a link to the FLTK page will eventually lead to attacks. > But when I do my big checkin, I'll look forward to a cross platform > build; I'm always bad about windows, cause I hate the damn IDE. > Not crazy about the OS either.. I keep that box off mostly. Same here. Like in Xcode, there is a command line call that builds the IDE setup. But ignoring MSWindows is not god either ;-) - Matthias ___ fltk mailing list fltk@easysw.com http://lists.easysw.com/mailman/listinfo/fltk
Re: [fltk.general] Continuous integration: using Jenkins fornightlyFLTK builds
On 04/21/12 15:44, Matthias Melcher wrote: > > On 22.04.2012, at 00:34, Greg Ercolano wrote: > >> Ya, I guess I'll try it with the next large checkin I do for Fl_Tree. >> >> I haven't looked at the config; I assume an anon user can't just >> do an SVN checkin of a spambot hidden in the Makefile so that doing >> an svn checkin won't run their bot? >> >> If you want, you can probably limit checkins to just us devs; you >> can probably just assign us login names and passwords via direct email >> to protect your build farm. > > It uses the svn repo on fltk.org. So, yes, you are right, > fudging the Makefile would be quite harmful :-( Ah, OK, I saw something about 'anon' in your first post, so I thought maybe anonymous had access. If you're pulling the fltk.org trunk and building it, that sounds safe enough, since it's just the devs that have write access. And an anon trigger of a job probably isn't a bad thing, since the stuff the job runs is fixed and not world writable. You could probably passwd protect the job trigger, or put it in the dev menu (which lets us trigger website updates), or maybe you already have -- I haven't really looked into this yet, my mind elsewhere at the moment. But when I do my big checkin, I'll look forward to a cross platform build; I'm always bad about windows, cause I hate the damn IDE. Not crazy about the OS either.. I keep that box off mostly. ___ fltk mailing list fltk@easysw.com http://lists.easysw.com/mailman/listinfo/fltk
Re: [fltk.general] Continuous integration: using Jenkins fornightlyFLTK builds
On 22.04.2012, at 00:56, Fabien Costantini wrote: >>> If you want, you can probably limit checkins to just us devs; you >>> can probably just assign us login names and passwords via direct email >>> to protect your build farm. >> >> It uses the svn repo on fltk.org. So, yes, you are right, fudging the = >> Makefile would be quite harmful :-( > But it is already limited to devs to check in changes in the svn repo on > fltk.org right ? > So checkins are 'already' limited, aren't they ? Yes. I have to trust all developers that there is nothing nasty checked in. And I must read the SVN logs. ___ fltk mailing list fltk@easysw.com http://lists.easysw.com/mailman/listinfo/fltk
Re: [fltk.general] Continuous integration: using Jenkins fornightlyFLTK builds
> > If you want, you can probably limit checkins to just us devs; you > > can probably just assign us login names and passwords via direct email > > to protect your build farm. > > It uses the svn repo on fltk.org. So, yes, you are right, fudging the = > Makefile would be quite harmful :-( But it is already limited to devs to check in changes in the svn repo on fltk.org right ? So checkins are 'already' limited, aren't they ? ___ fltk mailing list fltk@easysw.com http://lists.easysw.com/mailman/listinfo/fltk
