Re: Weird shallow-tree conversion state, and branches of shallow trees

git.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Theodore Tso <tytso@mit.edu>
To: Linus Torvalds <torvalds@linux-foundation.org>,
	Git Mailing List <git@vger.kernel.org>,
	Andy Parkins <andyparkins@gmail.com>,
	Nguyen Thai Ngoc Duy <pclouds@gmail.com>,
	"Shawn O. Pearce" <spearce@spearce.org>,
	"Robin H. Johnson" <robbat2@gentoo.org>
Subject: Re: Weird shallow-tree conversion state, and branches of shallow trees
Date: Sun, 15 Apr 2007 23:01:03 -0400	[thread overview]
Message-ID: <20070416030103.GB27533@thunk.org> (raw)
In-Reply-To: <20070416021729.GH2689@curie-int.orbis-terrarum.net>

On Sun, Apr 15, 2007 at 07:17:29PM -0700, Robin H. Johnson wrote:
> Nobody has addressed the single problem that I have with adding it when
> it's leaving the environment, and that's still of paramount concern to
> me. Simply put, there is a conflict between being able to add revision
> information of stuff leaving the environment, and those additions
> breaking previous checksums (which may be digitally signed, and thus
> breaking the signatures).
> 
> I'll reduce it further from my previous example.
> 
> 1. Developer commits some change to file A.
> 2. The checksum file is updated because A changed (the checksum file
>    explicitly does not contain keywords).
> 3. Developer signs the checksum file, and commits it.
> 
> If during the export process (which is undertaken elsewhere, by a
> different person or script), file A now has an expansion applied to it,
> you break the checksum file, which you CANNOT redo, because you lose the
> developer's digital signature on the checksum file!

Simple, the release engineer runs a script which exports the tree,
expanding any keywords and updating the checksum file as necessary,
and then the release engineer signs the checksum file!  As has already
been stated, if this doesn't work, you probably don't have a well
defined and formal release process. 

Just because a developer has signed a checksum doesn't mean that the
tree is suitable for release; that's the job of the release engineer
to confirm, probably after running a set of regression test suites.
And in fact, with git, it's pointless for the developer to sign a
checksum file and then commit it, since git is already maintaining
checksums as an integral part of how revisions are named.  

					- Ted

next prev parent reply	other threads:[~2007-04-16  3:01 UTC|newest]

Thread overview: 34+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2007-04-12  0:53 Weird shallow-tree conversion state, and branches of shallow trees Robin H. Johnson
2007-04-14  8:56 ` Johannes Schindelin
2007-04-15  0:03   ` Robin H. Johnson
2007-04-15  0:02     ` David Lang
2007-04-15  2:01       ` Robin H. Johnson
2007-04-15  4:31         ` Shawn O. Pearce
2007-04-15  5:57           ` Nguyen Thai Ngoc Duy
2007-04-15  8:54             ` Jakub Narebski
2007-04-15 18:18             ` Linus Torvalds
2007-04-15 19:51               ` Andy Parkins
2007-04-15 20:51                 ` Linus Torvalds
2007-04-16  0:11                   ` Bill Lear
2007-04-16  9:10                     ` Andy Parkins
2007-04-16 15:17                       ` Julian Phillips
2007-04-16  2:17                   ` Robin H. Johnson
2007-04-16  3:01                     ` Theodore Tso [this message]
2007-04-16  3:23                       ` Nguyen Thai Ngoc Duy
2007-04-16 15:08                         ` Linus Torvalds
2007-04-16 16:06                           ` Nguyen Thai Ngoc Duy
2007-04-16  3:32                       ` Robin H. Johnson
2007-04-16 17:00                         ` Linus Torvalds
2007-04-17  4:16                         ` Daniel Barkalow
2007-04-16 14:59                     ` Linus Torvalds
2007-04-16  9:03                   ` Andy Parkins
2007-04-16 15:54                     ` Sven Verdoolaege
2007-04-16 15:58                     ` Linus Torvalds
2007-04-16 23:25                       ` Weird shallow-tree conversion state, and branches of shallowtrees David Lang
2007-04-17 19:50                         ` David Lang
2007-04-17  9:45                       ` Weird shallow-tree conversion state, and branches of shallow trees Andy Parkins
2007-04-16 19:41                     ` Junio C Hamano
2007-04-16 20:55                       ` Andy Parkins
2007-04-17 21:24                         ` Junio C Hamano
2007-04-17 21:51                           ` Andy Parkins
2007-04-15  9:44           ` Robin H. Johnson

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20070416030103.GB27533@thunk.org \
    --to=tytso@mit.edu \
    --cc=andyparkins@gmail.com \
    --cc=git@vger.kernel.org \
    --cc=pclouds@gmail.com \
    --cc=robbat2@gentoo.org \
    --cc=spearce@spearce.org \
    --cc=torvalds@linux-foundation.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).