From e07b06d3c2a8703e93ee63cb1d8f96b2eaeac4a5 Mon Sep 17 00:00:00 2001 From: Runxi Yu Date: Wed, 19 Feb 2025 22:02:31 +0800 Subject: [PATCH] README.md: Update --- README.md | 20 +++++++++----------- diff --git a/README.md b/README.md index 7cc6ece3011f186ab4c81154575ec6f863c54bf9..929f5a8a98ba8ed0a9054f179e3b500132a16349 100644 --- a/README.md +++ b/README.md @@ -63,7 +63,7 @@ ## Features ### Git repos -* Viewing commits, diffs, and patches +* Viewing commits and patches * Viewing trees and files * Viewing arbitrary hashed objects and refs * Viewing tags @@ -78,8 +78,8 @@ When creating a MR from the API, the web interface, email, or SSH, it shall be possible to create a special source ref, hosted in the main repo as a branch with a branch name that begins with `contrib/`. Unsolicited pushes to -`contrib/` will automatically open a MR, returning instructions to edit -the description and manage the MR further via the standard error channel. +`contrib/` automatically open a MR, returning instructions to edit the +description and manage the MR further via the standard error channel. MR branches shall be synced to automatically created MR-specific mailing lists. These mailing lists should have archives accessible via read-only IMAP, JMAP, @@ -122,20 +122,18 @@ the future. ### Authentication and authorization -Anonymous SSH and HTTPS read access should be possible for public repos. All -other Git access should be done via SSH public keys. We use a baked-in SSH -implementation. +Anonymous SSH and HTTPS read access is possible for public repos. Git write +access is done via SSH public keys. We use a baked-in SSH implementation. The native API may be authenticated in the transport layer (e.g. TLS client certificates or UNIX domain socket authentication), via passwords, and via challenge-response mechanisms including SSH keys. SASL may be considered. -The web interface will have a dedicated login screen. Connections are set as -keepalive, and sessions are tracked across a kept-alive connection; optionally, -a user may click "remember me with a cookie" in the login screen. +The web interface has a dedicated login screen. Logins are remembered with +cookies. A dropdown box shall be available to select the time the user wishes +to remain logged in. -Commit validation based on SSH signature validation will be implemented. PGP -patch validation may be considered. +Commit validation based on SSH signature validation will be implemented. ### Federated authentication -- 2.48.1