Nmap Development mailing list archives

Public Nmap SVN Repository

From: Fyodor <fyodor () insecure org>
Date: Thu, 14 Dec 2006 02:20:09 -0800

Don't you guys think a public Subversion repository for Nmap would be
useful?  I've been reticent in the past due to qualms about SVN
security.  I'm still nervous about it, but at least the Subversion
project has gone a couple years since their last serious security
holes.  I'm also getting better at locking down services with SELinux.
So I think the benefits are worth the risk.  Here are my initial
implementation ideas:

* I'll use svnserve (svn:// format) rather than the Apache2 DAV stuff
  (http:// repository).

* Everyone will have read access to the Nmap/Nsock/Nbase trunks

* Nmap developers working on cool experimental stuff (Like Diman,
  Doug, Marek, etc.) can have their own branches, if they want 'em.
  That way they can implement cool stuff, and everyone can download
  and test it easily, but it won't destabilize the main Nmap trunk
  until it is ready for merging.  For example, the raw packet NSE
  support might be a great candidate for its own branch.

* A mailing list (nmap-commits or something) will be set up, to which
  commit notifications (with diffs inline) will be sent, through a
  post-commit hook.

While those are my current plans, I have a few questions for you guys:

Does anyone know any good reasons for using mod_dav_svn (Apache)
rather than my current plan of svnserve?

A quick search finds this script for sending commit emails:
http://svn.collab.net/repos/svn/trunk/tools/hook-scripts/commit-email.pl.in
Can you guys recommend this, or do you know anything better?

How important do you guys think it is to be able to browse the
repository with a web browser, link to revisions, etc. using something
like ViewCVS or Trac?  I don't presently plan to implement this, but I
probably can if there is demand.  If you want it, what software do you
recommend?

Is there anything else you think is important to consider for a new
Nmap public source repository?

Cheers,
Fyodor


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

Current thread:

Public Nmap SVN Repository Fyodor (Dec 14)
- Re: Public Nmap SVN Repository Diman Todorov (Dec 14)
- Re: Public Nmap SVN Repository Arturo 'Buanzo' Busleiman (Dec 14)
- Message not available
  - Public Nmap SVN Repository Max (Dec 14)
- Re: Public Nmap SVN Repository Andreas Ericsson (Dec 14)
  - Re: Public Nmap SVN Repository Justin Knox (Dec 14)
- Re: Public Nmap SVN Repository Kris Katterjohn (Dec 14)
- Re: Public Nmap SVN Repository William McVey (Dec 14)
  - Re: Public Nmap SVN Repository Jonathan Smith (Dec 14)
- Re: Public Nmap SVN Repository majek04 (Dec 14)