seletskiy
commented
9 years ago As far as I know there is no way to create some kind of global configuration for the hooks, so the solution will not be such elegant. However, I can create a workaround that will use some kind of default path if no other was specified. This will provide a way for sysadmins to create common wrapper that will choose specific hook based on user input.
Thanks for reporting.
TheLocehiliosan
This was brought up before here: https://github.com/ngsru/atlassian-external-hooks/issues/6
I understand the security concerns. However, it's also painful to funnel configuration through administrators when you have an enormous amount of repos and many different users trying to configure them.
I think a safe way to deal with this would be to allow certain paths to be "blessed" by administrators. Administrators have access to the local disk, and can install "safe" scripts and add them to a list, or put them into a blessed directory or something along those lines. Is this a possible compromise?