[Webkit-unassigned] [Bug 260624] [git-webkit] Pushing a branch to a secure remote prevents it from being pushed publicly

Wed Mar 13 10:07:34 PDT 2024

https://bugs.webkit.org/show_bug.cgi?id=260624

Jonathan Bedard <jbedard at apple.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|---                         |WONTFIX
             Status|NEW                         |RESOLVED

--- Comment #2 from Jonathan Bedard <jbedard at apple.com> ---
I'm actually going to mark this one as "behaves correctly".

What's actually going on here is that you have a remote that doesn't have a classification, so we consider it to be "secure" when changes are coming from it, but "public" when changes are going to it. By design, `git-webkit` is pretty naive about the content of commits and forbids "promoting" commits from secure remotes to public remotes. There are some situations where this is annoying, but in most cases, this behavior protects contributors from their own (potentially catastrophic) mistakes. There are a couple of work arounds.

- Re-run `git-webkit setup`. If the unclassified remote is a GitHub remote, we can compute its security level, which may be "public", which will avoid all of this. (we don't compute security levels during a push because it's a relatively expensive operation)
- Rebase your PR. The "promotion" design relies exclusively on hashes, it's really looking for commits landed on a production branch which won't be rebased

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20240313/5889cef1/attachment.htm>