commit 131c712eeb9622522dfe9178c21c98f53a342e98
parent a7931fbfe42ce4ab45e65d9a5ee8105751b4e259
Author: Vincent Forest <vincent.forest@meso-star.com>
Date: Wed, 3 Dec 2025 15:05:40 +0100
git-publish: add a way to prohibit publication
The presence of the publication_ban file in a repository's git directory
prohibits its publication. This is a way to protect against accidental
publication of the repository, an error that is all the more easy to
make since a git-publish invocation can be used to publish several
repositories at once; a "git-publish *.git" is quickly executed.
Diffstat:
2 files changed, 40 insertions(+), 6 deletions(-)
diff --git a/git-publish b/git-publish
@@ -100,6 +100,29 @@ check_repo()
}
# Inputs:
+# - repo: git bare repository (absolute path)
+publication_ban()
+{
+ cd -- "${repo}"
+
+ # Retrieve the directory where git files are stored
+ if ! git_dir=$(git rev-parse --path-format=absolute --git-dir 2>&1)
+ then
+ >&2 printf '%s: %s\n' "${repo}" "${git_dir}"
+ die
+ fi
+
+ cd -- "${OLDPWD}"
+
+ # Check if the repository contains the file prohibiting publication
+ if [ -e "${git_dir}/publication_ban" ]; then
+ return 0
+ else
+ return 1
+ fi
+}
+
+# Inputs:
# - base_url: base URL under which the git HTML repository is exposed
# - dir_git: directory where to publish the git repository
# - dir_www: directory where to publish the git repository's HTML pages
@@ -221,7 +244,6 @@ make_index()
rm -f "${tmpfile}"
}
-
# Inputs:
# - @: repository list
# - base_url: base URL under which the git HTML repository is exposed
@@ -236,10 +258,18 @@ publish() # list of repositories
repo="$(cd -- "${repo}" && echo "${PWD}")"
printf '%s: ' "${repo}"
- check_repo
- publish_repo
- setup_post_receive_hook
- printf 'done\n'
+
+ # Isn't the repository prohibited from publication?
+ # shellcheck disable=SC2310
+ if publication_ban "${repo}"; then
+ printf 'ban\n'
+
+ else
+ check_repo
+ publish_repo
+ setup_post_receive_hook
+ printf 'done\n'
+ fi
done
}
diff --git a/git-publish.1 b/git-publish.1
@@ -12,7 +12,7 @@
.\"
.\" You should have received a copy of the GNU General Public License
.\" along with this program. If not, see <http://www.gnu.org/licenses/>.
-.Dd June 10, 2025
+.Dd December 3, 2025
.Dt GIT-PUBLISH 1
.Os
.\""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
@@ -119,6 +119,10 @@ metadata:
Brief description of the repository.
.It Pa owner
Owner of repository.
+.It Pa publication_ban
+If the file exists, the repository is not authorized to be published.
+Its purpose is therefore to prevent the accidental publication of a
+repository that should remain private.
.It Pa url
Public URL from which the repository can be cloned.
.El
