I haven’t investigated this any further, but do we now try to start the gpg-agent on every invocation of a command just to poll if we perhaps have a GPG agent running, and might want to use that authentication option?
I don’t think we want to do that as a simple replacement of a cheap check of an environment variable as we did before. There is also a long list of applications where just executing a program by name (without path or anything) is called a security problem. Bert Sent from Mail for Windows 10 From: james...@apache.org Sent: maandag 8 mei 2017 19:56 To: comm...@subversion.apache.org Subject: svn commit: r1794433 - /subversion/branches/1.9.x/STATUS Author: jamessan Date: Mon May 8 17:56:35 2017 New Revision: 1794433 URL: http://svn.apache.org/viewvc?rev=1794433&view=rev Log: * STATUS: Nominate r1794166. Modified: subversion/branches/1.9.x/STATUS Modified: subversion/branches/1.9.x/STATUS URL: http://svn.apache.org/viewvc/subversion/branches/1.9.x/STATUS?rev=1794433&r1=1794432&r2=1794433&view=diff ============================================================================== --- subversion/branches/1.9.x/STATUS (original) +++ subversion/branches/1.9.x/STATUS Mon May 8 17:56:35 2017 @@ -89,6 +89,14 @@ Candidate changes: Votes: +1: stefan2, rhuijben + * r1794166 + Find gpg-agent socket using gpgconf, if possible. + Justification: + Improves GPG socket detection when $GPG_AGENT_INFO is unset or when gpg + >= 2.1.13 is used + Votes: + +1: jamessan + Veto-blocked changes: =====================
