[Libreoffice-commits] core.git: 4 commits - config_host/config_oauth2.h.in configure.ac sfx2/source sfx2/uiconfig svtools/source ucb/source
Miklos Vajna
vmiklos at collabora.co.uk
Fri Nov 8 05:29:33 PST 2013
Hi Cedric,
On Thu, Nov 07, 2013 at 09:53:47AM -0800, =?ISO-8859-1?Q?C=E9dric_Bosdonnat_ <cedric.bosdonnat at free.fr>, ?= wrote:
> OAuth2 application keys shouldn't be in the code.
>
> The GDrive OAuth2 key is now defined at configure time. If either the
> client secret or client id is missing, the Google Drive connectivity
> will be disabled at runtime.
>
> Tinderboxes can set up a GDrive key, but they need to make sure it's
> not persisting in the build log.
I understand that open-source and all this key management is quite a
pain and a conflicting area. However, what's the plan here, do you want
TDF to create some official key, and then TDF builds would use that, or?
What I would like to avoid is that this worked fine in 4.2-alpha, gets
release-noted, but at the end the TDF builds won't have this feature. We
had that issue with the bluetooth remote control already. ;-)
Also, given the old key is still in git history, can that be used by
developers, or there is a plan to revoke the old (public) key?
Thanks,
Miklos
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://lists.freedesktop.org/archives/libreoffice/attachments/20131108/cddee8e9/attachment.pgp>
More information about the LibreOffice
mailing list