Den tis 23 feb. 2021 16:40Nathan Hartman <hartman.nat...@gmail.com> skrev:
> On Tue, Feb 23, 2021 at 8:35 AM Daniel Shahaf <d...@daniel.shahaf.name> > wrote: > >> Nathan Hartman wrote on Mon, Feb 22, 2021 at 14:36:58 -0500: >> > In a recent discussion on our dev mailing list, there is an example >> > shell script (for zsh) that saves a password file. See [2] and note >> > that there were a few corrections to the script so be sure to use the >> > latest version in that mail list thread. >> > >> > [1] >> https://subversion.apache.org/docs/release-notes/1.12.html#client-server-improvements >> > >> > [2] >> https://lists.apache.org/thread.html/r0eef40236aeddd1db18bc7882454dd3b18bcd721d8fd8c9e21aca52a%40%3Cdev.subversion.apache.org%3E >> > >> > I hope the above is helpful; feel free to ask as many questions as you >> > need to, or propose improvements to the above-mentioned script or >> > Subversion itself. We have gotten quite a few questions about this and >> >> I'm starting to wonder if that script deserves a home more permanent >> than the end of a random dev@ thread whose subject line contains "WTF" >> and "?!"; e.g., perhaps that script should be linked from the FAQ or >> the release notes. > > > > I agree we need a better place for the script, especially as the above > mail thread contains more than one version of it. > > I think it's a good candidate for contrib (though it might be better > to port it to portable Bourne shell first). > > Would a Python version be useful? > > Regarding the FAQ, currently we have [1] "Ahhh! I just discovered that > my Subversion client is caching passwords in plain-text on disk! > AHHH!" That is still applicable to 1.10, but now we need an entry to > answer the opposite question: how to cache the password for svn use > with cron jobs and non-X environments where Kwallet and GNOME-Keyring > aren't applicable, and the particularly annoying case in which the > machine itself has a GUI but the user is logged in via ssh; in this > case the svn client will "freeze" while waiting for password entry in > an inaccessible GUI window; I think this would occur with Kwallet, > GNOME-Keyring, and macOS's Keychain.) > > But, as there doesn't seem to be one well-established way to handle > this, other than just storing the password on disk, would the new FAQ > entry say just that? Do we have any other concrete suggestions? > I would go with a new FAQ entry. I can prepare a draft in staging. As for the script, IIRC there was a need for the username (?) to be cached before running the script. Where should that be stored? Kind regards Daniel Sahlberg > [1] https://subversion.apache.org/faq.html#plaintext-passwords > > Nathan > >
