git.vger.kernel.org archive mirror
From: Junio C Hamano <gitster@pobox.com>
To: Michael J Gruber <michaeljgruber+gmane@fastmail.fm>
Cc: Sverre Rabbelier <srabbelier@gmail.com>,
	Thomas Rast <trast@student.ethz.ch>,
	Michael J Gruber <git@drmicha.warpmail.net>,
	Matthias Nothhaft <matthias.nothhaft@googlemail.com>,
	git@vger.kernel.org
Subject: Re: Transparently encrypt repository contents with GPG
Date: Fri, 13 Mar 2009 13:23:08 -0700
Message-ID: <7vy6v9f9zn.fsf@gitster.siamese.dyndns.org>
In-Reply-To: <49BA6606.1070403@fastmail.fm> (Michael J. Gruber's message of "Fri, 13 Mar 2009 14:56:22 +0100")

Michael J Gruber <michaeljgruber+gmane@fastmail.fm> writes:

> In .gitattributes (or .git/info/a..) use
>
> * filter=gpg diff=gpg
>
> In your config:
>
> [filter "gpg"]
>         smudge = gpg -d -q --batch --no-tty
>         clean = gpg -ea -q --batch --no-tty -r C920A124
> [diff "gpg"]
>         textconv = decrypt
>
> This gives you textual diffs even in log! You want to use gpg-agent here.

Don't do this.

Think why the smudge/clean pair exists.

The version controlled data, the contents, may not be suitable for
consumption in the work tree in its verbatim form.  For example, a cross
platform project would want to consistently use LF line termination inside
a repository, but on a platform whose tools expect CRLF line endings, the
contents cannot be used verbatim.  We "smudge" the contents running
unix2dos when checking things out on such platforms, and "clean" the
platform specific CRLF line endings by running dos2unix when checking
things in.  By doing so, you can see what really got changed between
versions without getting distracted, and more importantly, "you" in this
sentence is not limited to the human end users alone.

git internally runs diff and xdelta to see what was changed, so that:

 * it can reduce storage requirement when it runs pack-objects;

 * it can check what path in the preimage was similar to what other path
   in the postimage, to deduce a rename;

 * it can check what blocks of lines in the postimage came from what other
   blocks of lines in the preimage, to pass blames across file boundaries.

If your "clean" encrypts and "smudge" decrypts, it means you are refusing
all the benefit git offers.  You are making a pair of similar "smudged"
contents totally dissimilar in their "clean" counterparts.  That is simply
backwards.

As the sole raison d'etre of diff.textconv is to allow potentially lossy
conversion (e.g. msword-to-text) applied to the preimage and postimage
pair of contents (that are supposed to be "clean") before giving a textual
diff to human consumption, the above config may appear to work, but if you
really want an encrypted repository, you should be using an encrypting
filesystem.  That would give an added benefit that the work tree
associated with your repository would also be encrypted.
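
Added example, not part of the original message: a measurement of the point made above, that two nearly identical work-tree versions become unrelated once the "clean" filter encrypts them, so delta storage gains nothing. `toy_encrypt` is a constructed stand-in for `gpg -ea` (fresh nonce per call in place of a fresh session key), and zlib with a preset dictionary is assumed as an approximation of what pack-objects gains from xdelta.

```python
import base64
import hashlib
import zlib


def toy_encrypt(plaintext: bytes, nonce: bytes) -> bytes:
    """Stand-in for `gpg -ea`: XOR with a SHA-256 counter keystream, then
    ASCII-armor. Illustration only, not a cipher to protect real data."""
    stream = b""
    counter = 0
    while len(stream) < len(plaintext):
        block = b"demo-key" + nonce + counter.to_bytes(8, "big")
        stream += hashlib.sha256(block).digest()
        counter += 1
    body = bytes(p ^ k for p, k in zip(plaintext, stream))
    return base64.encodebytes(nonce + body)


def delta_size(base: bytes, target: bytes) -> int:
    """Bytes needed to store `target` when `base` is already known."""
    c = zlib.compressobj(level=9, zdict=base)
    return len(c.compress(target) + c.flush())


def compare() -> dict:
    # Constructed sample: two versions of one file, differing in one line.
    v1 = b"".join(b"config line %03d = value %d\n" % (i, i * 7)
                  for i in range(200))
    v2 = v1.replace(b"line 100 = value 700", b"line 100 = value 701")
    # Different nonces mirror gpg picking a new session key every run.
    e1 = toy_encrypt(v1, b"nonce-for-v1....")
    e2 = toy_encrypt(v2, b"nonce-for-v2....")
    return {
        "plain_size": len(v2),
        "plain_delta": delta_size(v1, v2),  # what git stores for "clean" text
        "enc_size": len(e2),
        "enc_delta": delta_size(e1, e2),    # what it stores for ciphertext
    }


if __name__ == "__main__":
    for name, value in compare().items():
        print(f"{name:12} {value}")
```

The same loss of similarity is what defeats rename detection and blame across files: both compare the stored "clean" contents.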
