The merge request was blocked. Not by code. By permissions.
Mercurial permission management decides who can push to, pull from, and clone a shared repository. Commits themselves happen in each developer's local clone, where the server controls nothing, so the only real enforcement point is the repository that accepts pushes. Get it wrong, and your repository becomes either too open or too locked down. In teams that rely on Mercurial for version control, precise permission control prevents code leaks, unwanted changesets landing on protected branches, and hours lost backing them out.
Mercurial supports several layers of permission control. At the file system level, ownership and mode bits on the repository directory (including .hg) decide who can read or write it when access is over SSH to a shared host. At the server level, the [web] section of the server repository's hgrc, read by both hgweb and hg serve, defines who can read and who can push: allow_read, deny_read, allow_push, deny_push, and push_ssl, which refuses pushes over plain HTTP unless you turn it off. hgweb does not authenticate anyone itself; the front-end web server (Apache, nginx) authenticates the user and passes REMOTE_USER, while SSH access relies on the OS account or on a forced command in authorized_keys. These server-level rules are per repository only. Limiting write access to specific branches or paths inside a repository is the job of the acl extension.
The most common way to enforce detailed rules is the acl extension. It runs as a hook on the repository that receives a push (pretxnchangegroup) and checks every incoming changeset against rules keyed by branch name and by file path glob, rejecting the whole transaction on the first violation. The rules live in the server repository's .hg/hgrc or in a system-wide hgrc, never in the client's configuration, which the pusher controls. The sections are [acl.deny.branches] and [acl.allow.branches] for branches, and [acl.deny] and [acl.allow] for paths; each key is a pattern and each value is a list of users, @groups, or * for everyone. Checks run in that order, a deny always wins, and an allow section that exists but lists nobody relevant rejects the push outright. For example:
[acl.deny.branches]
* = eve
[acl.allow.branches]
default = alice, bob
[acl.deny]
release/** = bob
[acl.allow]
** = alice, bob
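A complete server-side hgrc that wires the [web] gate from the previous paragraph together with the acl hook, added here as an illustration rather than taken from this page or from the Mercurial project; the repository path, user names and the release group are invented:

```ini
# /srv/hg/project/.hg/hgrc on the server that accepts pushes (example path)

[extensions]
acl =

[hooks]
# Check every changeset arriving by push, pull or bundle before it is
# committed to the repository; the hook aborts the whole transaction on
# the first violation.
pretxnchangegroup.acl = python:hgext.acl.hook

[acl]
# Enforce only for changesets arriving through hgweb, hg serve or ssh,
# not for local operations by the server administrator.
sources = serve

[acl.groups]
release = carol

[acl.deny.branches]
# Checked first: eve is refused on every branch.
* = eve

[acl.allow.branches]
default = alice, bob, @release
stable = @release

[acl.deny]
# Path globs are relative to the repository root; ** crosses directories.
deploy/** = bob

[acl.allow]
** = alice, bob, @release

[web]
# Repository-wide gate evaluated by hgweb / hg serve. Authentication is
# done by the front-end web server; hgweb trusts the REMOTE_USER it sets.
allow_read = *
allow_push = alice, bob, carol
deny_push = eve
push_ssl = true
```

The [web] rules answer "may this user push to this repository at all"; the acl sections answer "may this user change this branch and these paths". Keep both, because a user who clears [web] still has every changeset inspected by the hook, and a user denied in [web] never reaches the hook.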
In distributed setups, permissions extend beyond the main server. The acl hook only runs on the repository that receives a push, so a mirror, a CI runner that accepts pushes, or a deployment tool that pulls from a secondary copy enforces nothing unless it carries the same hgrc. Treat every replicated repository that can be pushed to as a second enforcement point and configure it identically, or make it read-only so that the primary stays the single place where rules are applied.
Audit permissions regularly. Remove stale user accounts. Rotate credentials. Over SSH, give each key a forced command in authorized_keys (Mercurial ships hg-ssh in contrib for this) so the key can reach only the repositories listed on that line, and use its --read-only flag for keys that should never push. Centralize control to reduce human error. When possible, tie Mercurial access to organization-wide identity: since hgweb does no authentication of its own, let the front-end web server authenticate against LDAP or an OAuth provider and pass the resulting user name through, which turns onboarding and offboarding into a single directory change.
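To review a rule file before deploying it, the following added Python re-implements the acl extension's documented check order (deny branches, allow branches, deny paths, allow paths) over a constructed hgrc. It is not Mercurial's own code and skips details such as OS group lookup and the full pattern syntax; the user names, the release group and the paths are invented for the example:

```python
"""Offline evaluator for Mercurial acl-extension rules.

Added example: a simplified re-implementation of the check order the acl
extension documents (deny branches, allow branches, deny paths, allow
paths). It is not Mercurial's own code; use it to review a server hgrc
before deploying it, not to enforce anything.
"""
import configparser
import re

# Constructed sample hgrc; user names, group and paths are invented.
SAMPLE_HGRC = """
[acl.groups]
release = carol

[acl.deny.branches]
* = eve

[acl.allow.branches]
default = alice, bob, @release
stable = @release

[acl.deny]
deploy/** = bob

[acl.allow]
** = alice, bob, @release
"""


def _glob_to_regex(pattern):
    """Translate a Mercurial-style path glob: '**' crosses '/', '*' and '?' do not."""
    out = []
    i = 0
    while i < len(pattern):
        if pattern.startswith("**", i):
            out.append(".*")
            i += 2
        elif pattern[i] == "*":
            out.append("[^/]*")
            i += 1
        elif pattern[i] == "?":
            out.append("[^/]")
            i += 1
        else:
            out.append(re.escape(pattern[i]))
            i += 1
    return re.compile("^" + "".join(out) + "$")


def _user_matches(user, spec, groups):
    """acl user lists: '*', user names, @group names, and '!'-negated entries."""
    if spec.strip() == "*":
        return True
    for entry in spec.replace(",", " ").split():
        negated = entry.startswith("!")
        name = entry[1:] if negated else entry
        if name.startswith("@"):
            member = user in groups.get(name[1:], set())
        else:
            member = user == name
        if member != negated:  # plain entry that matches, or negated entry that does not
            return True
    return False


def _matcher(cfg, section, user, groups, by_branch):
    """None if the section is absent; otherwise a predicate over a branch or path.

    As in the extension, a section that exists but has no pattern for this
    user yields a predicate that never matches, so an allow section that
    names nobody relevant rejects everything.
    """
    if not cfg.has_section(section):
        return None
    pats = [pat for pat, users in cfg.items(section) if _user_matches(user, users, groups)]
    if by_branch:  # branch keys are exact names or '*'
        return lambda branch: "*" in pats or branch in pats
    regexes = [_glob_to_regex(p) for p in pats]
    return lambda path: any(r.match(path) for r in regexes)


def check_push(hgrc_text, user, branch, files):
    """Evaluate one changeset the way the acl hook does. Returns (allowed, reason)."""
    cfg = configparser.ConfigParser(interpolation=None)
    cfg.optionxform = str  # keep pattern case and the '*' / '**' keys intact
    cfg.read_string(hgrc_text)
    groups = {}
    if cfg.has_section("acl.groups"):
        groups = {g: set(m.replace(",", " ").split()) for g, m in cfg.items("acl.groups")}

    deny_branch = _matcher(cfg, "acl.deny.branches", user, groups, True)
    allow_branch = _matcher(cfg, "acl.allow.branches", user, groups, True)
    deny_path = _matcher(cfg, "acl.deny", user, groups, False)
    allow_path = _matcher(cfg, "acl.allow", user, groups, False)

    # Order matters: a deny always wins, then the allow lists must match.
    if deny_branch and deny_branch(branch):
        return False, f"{user} denied on branch {branch}"
    if allow_branch and not allow_branch(branch):
        return False, f"{user} not allowed on branch {branch}"
    for path in files:
        if deny_path and deny_path(path):
            return False, f"{user} denied on {path}"
        if allow_path and not allow_path(path):
            return False, f"{user} not allowed on {path}"
    return True, "ok"


if __name__ == "__main__":
    for user, branch, files in [("alice", "default", ["src/a.py"]),
                                ("eve", "default", ["README"]),
                                ("bob", "default", ["deploy/run.sh"]),
                                ("carol", "stable", ["CHANGELOG"]),
                                ("bob", "stable", ["CHANGELOG"])]:
        print(user, branch, files, "->", check_push(SAMPLE_HGRC, user, branch, files))
```

Feed it the real server hgrc and a list of (user, branch, files) cases from recent pushes to confirm the rules say what you think they say; the two cases to check every time are a user who appears nowhere (rejected as soon as an allow section exists) and a user listed in [acl.deny.branches] with *, who is rejected before any path rule is consulted.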
Strong permission management in Mercurial increases security, improves development velocity, and cuts operational risk. It is not optional for any team managing critical code.
See how you can configure Mercurial permissions cleanly and safely. Try it with hoop.dev and watch it run live in minutes.