Tommaso Cucinotta wrote: > On 21/11/2016 01:49, LyX Ticket Tracker wrote: >> Comment (by t.cucinotta): >> >> Just worked out new separate patch-set for the cross-OS needauth security >> option for converters (asking users if they really know what they're >> about >> to be doing). Added further global option that forbids use anyway, unless >> user goes and unchecks it in the prefs. >> >> New patch is available in my user repo tommaso, branch features/needauth- >> converters > > Please, find attached the pseudo-final patch. I would push it to master, > unless there are objections / further comments for improvements.
I quickly skimmed through the patch and have only minor comments: - is it just visually misleading because of patches are stacked on top of each other or is there (almost) the same long warning string used repeatedly? - IIRCS we have file pref version, do we increase it with new rc vars or no? - was just curious why file name is needed in loader classes, got to authFiles routine and voila no comment :) could you be more specific than "///" when introducing new methods? :) Apart from these minors I would suggest you commit to master, it improves the unfortunate situation with knitr a lot. The new pref might also give us chance to reintroduce opening of hyperlink insets. And perhaps the new idea of launching web browser for the citations could be bound to unhardened lyx option as well. Pavel
