From: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
To: Johannes Zink <j.zink@pengutronix.de>
Cc: users@linux.kernel.org, tools@linux.kernel.org, kernel@pengutronix.de
Subject: Re: b4: Feature-Request: use salted hash for change-id instead of descriptive-name when using b4 prep
Date: Fri, 2 Jun 2023 12:50:09 -0400 [thread overview]
Message-ID: <20230602-speckled-modulator-ebdc37@meerkat> (raw)
In-Reply-To: <837ab11e-e6c7-0dc6-9377-7889910aea09@pengutronix.de>
On Fri, Jun 02, 2023 at 10:00:11AM +0200, Johannes Zink wrote:
> Hi,
>
> first of all: thanks for creating and maintaining b4, it makes my daily
> kernel developer's life so much easier...
>
> Accidentally I came across a (documented [1]) behaviour of b4 prep that is a
> little dangerous for my workflow: the descriptive-name is incorperated in
> the MessageID and the changeID in plaintext.
>
> While for most applications this is probably fine, sometimes I use branch
> names along the line of
> "upstream-feature-for-$super_secret_customer_project" (or some other stupid
> branch names [2] - which it at least a bit funny if you know german...),
> which poses a risk of actually leaking information I do not want to be
> leaked.
Hm.. this is a certainly not a workflow scenario I had considered.
> I would like to ask if there is a possibility to change this to using a
> salted hash instead (salt is probably required due to rainbow table attacks)
> for messageID and changeID. If this would break some workflows, it could
> possibly be added as an optional command line argument for b4 prep?
I will consider this request. For now, you can manually edit the cover letter
commit to change the JSON bit there that records the change-id.
E.g. right after you create a new b4-tracked branch using "b4 prep -n", you
can run "git commit --amend --allow-empty" and modify the change-id to be
whatever you like. Note, that you should only do this before you send out any
revisions.
-K
next prev parent reply other threads:[~2023-06-02 16:50 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-06-02 8:00 b4: Feature-Request: use salted hash for change-id instead of descriptive-name when using b4 prep Johannes Zink
2023-06-02 16:50 ` Konstantin Ryabitsev [this message]
2023-06-05 6:10 ` Johannes Zink
2023-06-05 7:26 ` Mattijs Korpershoek
2023-06-05 7:32 ` Johannes Zink
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230602-speckled-modulator-ebdc37@meerkat \
--to=konstantin@linuxfoundation.org \
--cc=j.zink@pengutronix.de \
--cc=kernel@pengutronix.de \
--cc=tools@linux.kernel.org \
--cc=users@linux.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox