On Thu, 2019-11-21 at 15:16 +0100, Mark Wielaard wrote:
> Hi,
> 
> On Wed, 2019-11-20 at 12:53 +0100, Mark Wielaard wrote:
> > Sure, you could use that if you wanted to share your whole
> > build/source
> > trees and don't mind serving any other files on some local network.
> > I
> > just think it shouldn't be the default. If you go look for odd
> > paths in
> > .debug files you probably will find them. We already know some
> > builds
> > generate and/or build files in /tmp or outside the src/builddir.
> > 
> > I'll look to see what is necessary to make sure none of those leak
> > out
> > by default.
> 
> The attached is what I came up with.
> 
> It simply splits the paths into those scanned for rpms, those scanned
> for files and (optional) paths that are extra trusted prefixes for
> source files. The paths that are scanned for files are trusted source
> prefixes by default. There is a new option to also remove those using
> -N, --no-files-sources). And you can switch back to allowing all
> files
> on the file system with -A, --all-sources.
> 
> I think this provides a way to do what we both want, it just makes
> things a little bit more explicit.
> 
> As a bonus it separates scanning trees for files and rpms, so no
> unnecessary work is done.
> 
> I haven't updated the documentation yet. Let me know what you think
> about the patch and I can update the documentation if we agree on the
> options/defaults.

On irc you mentioned that you didn't like that -R and -F didn't take
wildcards. The attached makes it so that they now do (you do have to
escape them or put them in single quotes, so the shell doesn't expand
them first).

Cheers,

Mark