From: Nicolas Pitre <nico@cam.org>
To: Junio C Hamano <junkio@cox.net>
Cc: Linus Torvalds <torvalds@linux-foundation.org>,
Chris Lee <clee@kde.org>, Git Mailing List <git@vger.kernel.org>
Subject: Re: git-index-pack really does suck..
Date: Tue, 03 Apr 2007 16:53:57 -0400 (EDT) [thread overview]
Message-ID: <alpine.LFD.0.98.0704031639470.28181@xanadu.home> (raw)
In-Reply-To: <7vbqi5w62c.fsf@assigned-by-dhcp.cox.net>
On Tue, 3 Apr 2007, Junio C Hamano wrote:
> Linus Torvalds <torvalds@linux-foundation.org> writes:
>
> > That whole "verify no SHA1 hash collision" code is really pretty damn
> > paranoid. Maybe we shouldn't have it enabled by default.
> >
> > So how about this updated patch? We could certainly make "git pull" imply
> > "--paranoid" if we want to, but even that is likely pretty unnecessary.
> > It's not like anybody has ever shown a SHA1 collision, and if the *local*
> > repository is corrupt (and has an object with the wrong SHA1 - that's what
> > the testsuite checks for), then it's probably good to get the valid object
> > from the remote..
>
> I agree with that reasoning.
For the record, I don't agree. I stated why in my other email.
> We did not do paranoid in git-pull long after we introduced the .keep
> thing anyway,
That doesn't make it more "correct".
> so I do not
> think the following patch is even needed, but I am throwing it
> out just for discussion.
1) None of the objects in a pack should exist in the local repo when
fetching, meaning that the paranoia code should not be executed
normally.
2) Running index-pack on a pack _inside_ a repository is a dubious thing
to do with questionable usefulness already.
3) It is unefficient to run pack-objects with --stdout just to feed the
result to index-pack afterwards while repack-objects can create the
index itself, which is the source of this discussion.
4) I invite you to read the commit log for 8685da42561 where the
_perception_ of GIT's security is discussed which led to the paranoia
check, and sometimes the perception is more valuable than the
reality, especially when it is free.
Therefore Linus' patch and this one are working around the wrong issue
as described in (3) IMHO.
What could be done instead, if really really needed, is to have the
paranoia test be made conditional on index-pack --stdin instead. But
please no bogus extra switches pretty please.
Nicolas
prev parent reply other threads:[~2007-04-03 20:54 UTC|newest]
Thread overview: 58+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-04-03 15:15 git-index-pack really does suck Linus Torvalds
[not found] ` <db 69205d0704031227q1009eabfhdd82aa3636f25bb6@mail.gmail.com>
[not found] ` <Pine.LNX.4.64.07 04031304420.6730@woody.linux-foundation.org>
[not found] ` <Pine.LNX.4.64.0704031322490.67 30@woody.linux-foundation.org>
[not found] ` <Pi ne.LNX.4.64.0704031413200.6730@woody.linux-foundation.org>
[not found] ` <alpine.LFD.0.98. 0704031836350.28181@xanadu.home>
2007-04-03 16:21 ` Linus Torvalds
2007-04-03 16:40 ` Nicolas Pitre
2007-04-03 16:33 ` Nicolas Pitre
2007-04-03 19:27 ` Chris Lee
2007-04-03 19:49 ` Nicolas Pitre
2007-04-03 19:54 ` Chris Lee
2007-04-03 20:18 ` Linus Torvalds
2007-04-03 20:32 ` Nicolas Pitre
2007-04-03 20:40 ` Junio C Hamano
2007-04-03 21:00 ` Linus Torvalds
2007-04-03 21:28 ` Nicolas Pitre
2007-04-03 22:49 ` Chris Lee
2007-04-03 23:12 ` Linus Torvalds
2007-04-03 20:56 ` Linus Torvalds
2007-04-03 21:03 ` Shawn O. Pearce
2007-04-03 21:13 ` Linus Torvalds
2007-04-03 21:17 ` Shawn O. Pearce
2007-04-03 21:26 ` Linus Torvalds
2007-04-03 21:28 ` Linus Torvalds
2007-04-03 22:31 ` Junio C Hamano
2007-04-03 22:38 ` Shawn O. Pearce
2007-04-03 22:41 ` Junio C Hamano
2007-04-05 10:22 ` [PATCH 1/2] git-fetch--tool pick-rref Junio C Hamano
2007-04-05 10:22 ` [PATCH 2/2] git-fetch: use fetch--tool pick-rref to avoid local fetch from alternate Junio C Hamano
2007-04-05 16:15 ` Shawn O. Pearce
2007-04-05 21:37 ` Junio C Hamano
2007-04-03 21:34 ` git-index-pack really does suck Nicolas Pitre
2007-04-03 21:37 ` Shawn O. Pearce
2007-04-03 21:44 ` Junio C Hamano
2007-04-03 21:53 ` Shawn O. Pearce
2007-04-03 22:10 ` Jeff King
2007-04-03 22:40 ` Dana How
2007-04-03 22:52 ` Linus Torvalds
2007-04-03 22:31 ` David Lang
2007-04-03 23:00 ` Nicolas Pitre
2007-04-03 21:21 ` Nicolas Pitre
2007-04-03 20:33 ` Linus Torvalds
2007-04-03 21:05 ` Nicolas Pitre
2007-04-03 21:11 ` Shawn O. Pearce
2007-04-03 21:24 ` Linus Torvalds
[not found] ` <alpine.LF D.0.98.0704031735470.28181@xanadu.home>
2007-04-03 21:42 ` Nicolas Pitre
2007-04-03 22:07 ` Junio C Hamano
2007-04-03 22:11 ` Shawn O. Pearce
2007-04-03 22:34 ` Nicolas Pitre
2007-04-03 22:14 ` Linus Torvalds
2007-04-03 22:55 ` Nicolas Pitre
2007-04-03 22:36 ` David Lang
2007-04-04 9:51 ` Alex Riesen
[not found] ` <P ine.LNX.4.63.0704061455380.24050@qynat.qvtvafvgr.pbz>
2007-04-06 21:56 ` David Lang
2007-04-06 22:47 ` Junio C Hamano
2007-04-06 22:49 ` Junio C Hamano
2007-04-06 22:22 ` David Lang
2007-04-06 22:55 ` Junio C Hamano
2007-04-06 22:28 ` David Lang
2007-04-03 23:29 ` Linus Torvalds
2007-04-03 20:34 ` Junio C Hamano
2007-04-03 20:53 ` Nicolas Pitre [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=alpine.LFD.0.98.0704031639470.28181@xanadu.home \
--to=nico@cam.org \
--cc=clee@kde.org \
--cc=git@vger.kernel.org \
--cc=junkio@cox.net \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).