[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: [PATCH] default to --no-auth-cache

From: <rbb_at_rkbloom.net>
Date: 2003-01-14 00:46:21 CET

On 13 Jan 2003, Philip Martin wrote:

> <rbb@rkbloom.net> writes:
>
> > So, while usernames are sensitive, I don't agree that they are sensitive
> > in the context of an SCM system,
>
> Ah well, we disagree.

Why? There are better, easier ways to get your username. As has already
been pointed out, svn log is the easiest. But, even without svn log, if I
want your username badly enough, I can get it. I must be able to get it,
because otherwise I can't communicate with you. The reality is that most
people use the same username everywhere, so if I am talking with you over
e-mail, I most likely already have your username to the svn system.

> > > Also, suppose I want to treat a working copy as read-only, then I
> > > don't want 'svn st -u' to write auth data.
> >
> > 'svn st -u' shouldn't be adding auth data to the wc if it wasn't there to
> > begin with.
>
> Another new feature.
>
> > IMHO, only checkout and update should be modifying the cached
> > auth information.
>
> What about merge, switch, copy URL->wc?

Well, as Branko says, Those are really just variants of update. (Quoted
below). Let me revise what I said. Only operations that actually modify
the wc should be modifying the cached auth information. Yes, that goes
against what I said about commit. I need to figure out where that fits
here. I am leaning heavily towards not changing the auth cache for
operations that don't modify the wc. As proof, let me give you a use case
that I do everyday (and yes, I know this sucks).

We have a user, foobar, which runs our automated builds, and this user has
no permission to check-in code. However, we only have a couple of Windows
boxes that can build our software, which means that we make changes to the
code on the build machine (I know, it sucks. I already said that). When
I go to check that code in today, I use cvs -drbb@foo.com:/yada/yada
commit. That doesn't change who owns the checkout, nor should it.
Because, ten minutes later, somebody else is going to try to fix the code
for something else, and they are going to use a different username for
their checkin. The repository tracks who did the check-in, not the wc.
The wc tracks who did the check-out.

So, that is the long way for me to say "Only operations that modify the wc
modify the auth-cache."

Ryan

From: "[UTF-8] Branko ?ibej" <brane@xbc.nu>

> rbb@rkbloom.net wrote:
>
> >'svn st -u' shouldn't be adding auth data to the wc if it wasn't there to
> >begin with. IMHO, only checkout and update should be modifying the cached
> >auth information.
> >
> And checkin, merge, URL->WC and WC->URL copy, switch, ... well, except
> for checkin and the to-URL copy, those are more or less variants of
> update. What about diff against an URL?

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Tue Jan 14 00:34:02 2003

This is an archived mail posted to the Subversion Dev mailing list.