Hi Cedric, On Thu, Nov 07, 2013 at 09:53:47AM -0800, =?ISO-8859-1?Q?C=E9dric_Bosdonnat_ <cedric.bosdon...@free.fr>, ?= wrote: > OAuth2 application keys shouldn't be in the code. > > The GDrive OAuth2 key is now defined at configure time. If either the > client secret or client id is missing, the Google Drive connectivity > will be disabled at runtime. > > Tinderboxes can set up a GDrive key, but they need to make sure it's > not persisting in the build log.
I understand that open-source and all this key management is quite a pain and a conflicting area. However, what's the plan here, do you want TDF to create some official key, and then TDF builds would use that, or? What I would like to avoid is that this worked fine in 4.2-alpha, gets release-noted, but at the end the TDF builds won't have this feature. We had that issue with the bluetooth remote control already. ;-) Also, given the old key is still in git history, can that be used by developers, or there is a plan to revoke the old (public) key? Thanks, Miklos
signature.asc
Description: Digital signature
_______________________________________________ LibreOffice mailing list LibreOffice@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/libreoffice
