[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Source code watermarking

From: Philip Martin <philip.martin_at_wandisco.com>
Date: Fri, 07 Oct 2011 14:02:52 +0100

Miha Vitorovic <miha.vitorovic_at_gmail.com> writes:

> On 7.10.2011 11:56, Semen Prikhodko wrote:
>> Hi guys.
>> I need to add additional functionality to Subversion. My task is to
>> make SVN able to insert special "watermarks" into working copy
>> source files which identify a developer working on them. This means
>> every source file will contain some identifying comment (e.g. //
>> {developer id} ). My customer says this step will protect the source
>> code from stealing (the responsible person will be identified and
>> punished). Yes, it's stupid, but that is my current task. So SVN
>> must smartly insert the watermark when updating (checking out) the
>> code and remove it at time of commit (the repo must not contain
>> watermarks).
> If you have the users authenticated against the SVN server, then you
> are exactly describing the svn:keywords. There is some small adittion
> to the code, but not the actual user data. It is well documented in
> the Subversion book, but if you have any additional questions, I think
> they are best directed at the users mailing list.

I believe the question is about doing the keyword substitution on the
server rather than the client. It think it would be a lot of work,
because the server would have to adjust deltas and checksums both to and
from the client.

The server has non-watermarked fulltext T1 with checksum C1, the client
has watermarked T1' and checksum C1'. On update to non-watermarked T2
with checksum C2 the server usually calculates the diff D12 and sends
D12 and C2 to the client, but now it will have to generate temporary T1'
and T2' to calculate D12' and C2'.

When committing T2' with checksum C2' the client will send D12' and C2'
and the server would need to generate temporary T1', apply D12' to
generate T2' with checksum C2', and from that generate T2 and C2 which
get stored.

That's a lot of work for something that doesn't offer any real security.

uberSVN: Apache Subversion Made Easy
Received on 2011-10-07 15:03:33 CEST

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.