Change environment variable names for Language Depot #325
Conversation
First step towards changing them: ensure they live in a single place
Because sudo will strip env vars named `LD_WHATEVER`, for security reasons (e.g. if you can change the `LD_LIBRARY_PATH` env var, you can cause arbitrary code execution). So we need a name prefix that won't be stripped by sudo.
For consistency with `LFMERGE_LANGUAGE_DEPOT_REPO_URI`, we should have an `LFMERGE_` prefix in front of the environment variables used to control LfMerge.
| - **LFMERGE_VERBOSE_PROGRESS**: Boolean, default `false`. Whether to log verbose progress during Send/Receive. Recommended `true` in development & staging, `false` in production. | ||
| - **LFMERGE_LANGUAGE_DEPOT_REPO_URI**: Default not set. The *complete* URI to a Language Depot project, including username & password. Not useful in production, highly useful in debugging and unit test scenarios. | ||
| - **LFMERGE_LANGUAGE_DEPOT_HG_PUBLIC_HOSTNAME**: Default `hg-public.languagedepot.org`. The hostname of the Language Depot instance to use for **public** projects. | ||
| - **LFMERGE_LANGUAGE_DEPOT_HG_PRIVATE_HOSTNAME**: Default is the value of the `PUBLIC_HOSTNAME` string with `public` replaced with `private`. The hostname of the Language Depot instance to use for **private** projects. |
There was a problem hiding this comment.
@rmunn I have a random comment here. My recollection is that LFMerge categorically does not deal with repositories on private.languagedepot.org and thus this variable is a relic that could be removed. If this is not the case, how does a user actually connect up LD repo in private to Language Forge currently? I don't know how that works.
There was a problem hiding this comment.
Without doing a deep dive into the code, my memory is that LfMerge will try public first, then if the repo doesn't exist in public it will then try the same repo name in private. (Which is behavior inherited from FLExBridge, and therefore the same behavior that FLEx uses). Now, because of how LF presents the list of projects to Send/Receive, there's only going to be public ones available to choose from, but I believe LfMerge is capable of doing S/R from both public and private because FLExBridge can do so.
All
LD_*env vars in LfMerge will now be namedLFMERGE_LANGUAGE_DEPOT_*instead. This is because Linux sudo (which LfMerge uses to run as the www-data user) is configured by default to discard any environment variables whose name starts withLD_, for security reasons. E.g., if you can mess with theLD_LIBRARY_PATHenv var used by a program executing with privilege, you can inject arbitrary code into a privileged process and get it run.So all environment variables used to tell LfMerge where to look for Language Depot now start with the
LFMERGE_LANGUAGE_DEPOT_prefix. They are now documented in the README, and they can all be found in the MagicStrings.cs file in case I missed any in the README.