[jira] [Commented] (MENFORCER-499) New Rule: Prohibit specific files to be checked in

Tue, 20 Feb 2024 00:00:08 -0800 


    [ 
https://issues.apache.org/jira/browse/MENFORCER-499?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17818694#comment-17818694
 ] 

Benjamin Marwell commented on MENFORCER-499:
--------------------------------------------

Not much. Just a little harder to circumvent, and it is checked in CI (which is 
the biggest plus). gitignore: you can just use {{git add -f $path}}. The check, 
if it is defined in a parent pom, is way harder to circumvent (though still 
easily possible if you know what you are doing). But developers would get way 
more immediate feedback. And it is much clearer in a Pull Request / Change 
Request to see whether a parent-defined execution was tampered with...  

> New Rule: Prohibit specific files to be checked in
> --------------------------------------------------
>
>                 Key: MENFORCER-499
>                 URL: https://issues.apache.org/jira/browse/MENFORCER-499
>             Project: Maven Enforcer Plugin
>          Issue Type: New Feature
>          Components: Standard Rules
>            Reporter: Benjamin Marwell
>            Priority: Major
>
> This is a suggestion for yet another new standard rule.
> "require Files not checked in"
> While there are already rules "require files don't exist" and "require file 
> size", this one would check wether files are actually checked in or added 
> into the current VCS.
> E.g. for each file in the pattern:
> * check if they are added (git, bzr) or checked in (cvs, svn, bzr, git)
> * If so, fail the build.
> configurable options:
> * files (like the other two checks, ant pattern)
> * failOnAdd (git, bzr): true by default, can be set to false. Then the check 
> will only fail if files are currently in a commit.
> * useDefaultExclusions: Read exclusion rules from VCS (git: .gitignore, svn: 
> svn:ignore, etc.). However, files could have been forcibly added in git. So 
> maybe this doesn't make much sense
> * skip
> * ..?
> The idea is to prevent developers from accidentally check in big files (like 
> jar files, zip files) or other binary artifacts. While this could be spotted 
> in a PR, the repo might already be spoiled and enlarged by this size, which 
> is usually not feasible.
> Alternatives:
> * use "files don't exist" and exclude target (may not work for everyone)
> * use a shell script
> * don't implement this rule and leave the task to others.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to