

How do you guys protect your repositories? - myoung8

I just finished setting up a dev server (Apache 2, SVN).<p>How do you guys protect the repository from outside viewers? Right now anyone could (theoretically) navigate to the trunk and look at all of the yet-to-be-written code. They wouldn't be able to download it because I restricted that, but is there a way to prevent them from seeing it at all? Is this something you'd edit in Apache?<p>I'd really appreciate specific instructions.<p>Thanks.
======
nostrademons
I had it password-protected with .htaccess and then accessed via HTTPS, but I
switched to using ssh+svn. There were some odd bugs with the WebDAV interface
to svn where it wouldn't update my working copy properly on 'svn update',
leading to a lot of manual deletion of .svn/wcprops to get going again. I
finally said enough is enough and just switched to accessing it over SSH.

------
brianr
You could: -password-protect it with .htaccess, or better yet: -make the
repository only accessible via ssh, and -set up Trac or something similar if
you want bug tracking and friendly svn browsing over http.

I haven't set up either of these myself so I can't help you there, but I would
be willing to bet that Google can answer your questions :)

------
cperciva
I'm not sure I understand the question. Look at yet-to-be-written code? I know
version control systems have been called "time machines", but they show you
what's in the past, not what's in the future.

Generally speaking though -- if you don't want people to look at files, don't
put them only a web server.

------
ropiku
You can protect you repository with apache http authorization. Just search for
a tutorial, here's what I found: <http://svn.spears.at/#3.2> You add the
users/passwords with htpasswd and then in httpd.conf add Auth entries.

------
gscott
Password protection withhtaccess might be the way to go if you are hosting
your development code on a web host instead of having your own server on your
local network that is not web accessable.

