quark added a comment.

  Security-wise, the "shelling out revset" seems hard to solve cleanly. By 
having `%include ../hgrc` in `$REPO/.hg/hgrc`, we could already read config in 
working copy for a trusted repo today.
  
  It seems to me that a lot of security work (ex. knowing the "origin" when 
executing a revset, marking config items or sections as safe or unsafe by 
extensions) are required to be able to turn on this feature by default. If we 
don't turn this on by default because of security, the `%include ../hgrc` 
approach seems good enough for trusted repo today.

REPOSITORY
  rHG Mercurial

REVISION DETAIL
  https://phab.mercurial-scm.org/D98

To: indygreg, #hg-reviewers
Cc: durin42, yuja, mharbison72, quark, mercurial-devel
_______________________________________________
Mercurial-devel mailing list
Mercurial-devel@mercurial-scm.org
https://www.mercurial-scm.org/mailman/listinfo/mercurial-devel

Reply via email to