submodules all on read/write repos
zakame opened this issue · comments
Probably just a notice, but all your currently-submoduled repos in .gitmodules
are read/write, which can bug someone else cloning without the necessary permissions.
I did not consider plain git urls (git://
) because they are not secure. But maybe it would have been better to go with https
urls. I personally prefer using ssh, because I use that anyway to connect to other machines, so I only have to setup one authentication method if I stick with that.
But using https
was not a viable option in the short run. borg-assimilate
can get urls from epkg
, and most of those urls are ssh urls. I would have to change all of those urls in the Emacsmirror database, which isn't much work but which I don't want to do until I am absolutely sure that it is what I want to do.
In the end it doesn't matter much what protocol is used. Which ever I pick, it will inconvenient the users who prefer the other. Luckily this is very easy to "fix":
git config --global url.https://github.com/.insteadOf git@github.com:
git config --global url.https://gitlab.com/.insteadOf git@gitlab.com:
I should probably mention this in the borg
documentation. (I do mention it on the Emacsmirror homepage, which is recommended reading for all borg
users.)
It took me a while, but the manual now mentions this. (Still have to upload, but I just zapped my computer and not all required software is in place yet.)
By the way, are you still using borg
? Care to share your experience?