!hgxtijxKWLSJnQVCJG:matrix.org

Knowledge Repo

2 Members
Discussion around the Knowledge Repo project1 Servers

You have reached the beginning of time (for this room).


Timestamp Message
23 Mar 2018
13:00:41@wardrop:matrix.orgMatthew Wardrop changed the history visibility to "world_readable" from "shared".
20:45:09@wardrop:matrix.orgMatthew Wardrop invited @danfrankj:matrix.orgdanfrankj.
20:48:13@wardrop:matrix.orgMatthew Wardrop set a profile picture.
21:04:21@danfrankj:matrix.orgdanfrankj joined the room.
24 Mar 2018
00:18:17@danfrankj:matrix.orgdanfrankj set a profile picture.
11 Apr 2018
18:27:02@danfrankj:matrix.orgdanfrankj Hey Matthew Wardrop I'm looking upgrade my users version of KR. We've currently got the embedded tooling set up. I can upgrade the embedded tooling to 0.8.0 but then the process would be user kr script calls embedded tooling which then calls a git checkout? this would work but seems overly complex. Thoughts?
18:42:43@wardrop:matrix.orgMatthew Wardrop Hey @danfrankj:matrix.org ! The simplest solution technically is to get everyone to upgrade their local version of knowledge_repo. That way everyone gets a more secure package that doesn't run arbitrary code.
18:43:57@wardrop:matrix.orgMatthew Wardrop If that's undesirable, and you want to grandfather these users out, then updating the embedded tooling to v0.8.0 should work, provided the repository also has the new style YAML configuration .
18:44:29@danfrankj:matrix.orgdanfrankjhahah yes that is the simple version... but as you know, getting everyone to actually upgrade correctly is difficult!
18:44:56@wardrop:matrix.orgMatthew WardropWhat is the additional checkout you are mentioning?
18:47:00@wardrop:matrix.orgMatthew WardropAh... The additional checkout happens if the new configuration also specifies a pinned version?
18:47:10@danfrankj:matrix.orgdanfrankjI'm thinking about the required_version configuration
18:47:15@danfrankj:matrix.orgdanfrankjyes
18:47:41@wardrop:matrix.orgMatthew Wardrop Hmmmm... It's probably unavoidable :/.
18:48:17@wardrop:matrix.orgMatthew Wardrop But it does work, and the overhead shouldn't been too crazy.
18:48:21@wardrop:matrix.orgMatthew Wardrop*be
18:49:57@danfrankj:matrix.orgdanfrankjalso - I'm correct in thinking I can set the required version to a SHA
18:49:58@danfrankj:matrix.orgdanfrankj?
18:53:18@wardrop:matrix.orgMatthew Wardrop That's correctly
18:53:22@wardrop:matrix.orgMatthew Wardrop*correct
18:54:14@wardrop:matrix.orgMatthew WardropIn a future version, requiring a version pre v0.8.0 will not be permitted for security reasons
18:54:22@wardrop:matrix.orgMatthew WardropBut for now, anything will work.
19:40:30@wardrop:matrix.orgMatthew Wardrop@danfrankj:matrix.org: up for a quick review of my latest PR?
19:57:49@danfrankj:matrix.orgdanfrankjtaking a look

There are no newer messages yet.


Back to Room List