Stefan Sperling <stsp_at_elego.de> writes:
> I will deprecate the old location in the comments, like this:
>
> "[auth]" NL
> "### Set store-passwords to 'no' to avoid storing passwords in the" NL
> "### auth/ area of your config directory. It defaults to 'yes'," NL
> "### but Subversion will never save your password to disk in" NL
> "### plaintext unless you tell it to (see below)." NL
> "### Note that this option only prevents saving of *new* passwords;" NL
> "### it doesn't invalidate existing passwords. (To do that, remove" NL
> "### the cache files by hand as described in the Subversion book.)" NL
> + "### NOTE: This option can now be specified in the 'servers' file" NL
> + "### in your config directory. This location for this option has" NL
> + "### been deprecated. Anything specified here is overridden by" NL
> + "### settings specified in the 'servers' file." NL
> "# store-passwords = no" NL
+1, but put the deprecation notice at the top of the block, so people
see it and then know that everything they read after that is about
something deprecated anyway.
> No, the code enforces this. But note that having all the [auth]
> settings in 'servers' makes much more sense anyway, because
> there, they can be configured on a per-server basis.
>
> It also aligns much more naturally with the layering, since
> authentication is done only if the RA layer is entered anyway,
> which has always been getting its configuration from 'servers'.
>
> The [auth] section in 'config' was a mistake, it would have
> been much more natural to put it in 'servers' in the first place.
Okay, I'm convinced.
Might be good to do this deprecation/move on a separate branch, merge
that to trunk, then incorporate into the dont-save-plaintext branch and
DTRT. They're kind of separate changes, I think.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: dev-help_at_subversion.tigris.org
Received on 2008-04-22 20:33:45 CEST