
Re: An access permissions problem

From: Stefan Sperling <stsp_at_elego.de>
Date: Tue, 21 Dec 2010 19:19:21 +0100

On Tue, Dec 21, 2010 at 12:28:29PM -0500, David Weintraub wrote:
> On Tue, Dec 21, 2010 at 10:59 AM, David Aldrich
> <David.Aldrich_at_eu.nec.com> wrote:
> > Thanks for your help. Yes, the branches, tags, and trunk directories are at the root. In your suggestion, I am worried that a developer might create a branch containing ConfidentialFolder in /branches rather than in /branches/ConfidentialBranches, by mistake. Do you agree that is a problem?
>
> Sure, that's a possible issue. One of the biggest problems with
> Subversion is that it is almost impossible to delete any information
> from the repository. You put in confidential information in the wrong
> place, and you basically have to do a dump/filter/load to remove it
> from the repository.
>
> To solve this issue, you can create a pre-commit hook that will
> prevent someone from copying the confidential information project to
> the plain /branches branch.
>
> When a copy is done, svnlook will list where the copy is from, and
> your hook can intercept this information.
>
> I don't think my kitchen-sink pre-commit hook can be configured to
> prevent this from happening. My script can prevent particular people
> from creating a tag or branch, but never looks at the "to"
> information.
>
> You'll have to write your own hook script. Fortunately, it isn't too
> difficult -- especially since you're just checking for a very simple
> thing. Do you see an "A" transaction where the from is from the
> confidential directory and the "to" is to the branches directory? If
> so, fail the transaction.

It's better to fail if the copy is not going to the right place,
rather than going to one of many possible wrong places.

Regarding the external question: I think checkout and updates will fail if
the external cannot be accessed. It's quite easy to try this out on
a new repository created with svnadmin create:

 svnadmin create /tmp/myrepos
 svn co file:///tmp/myrepos working-copy
 cd working-copy
 svn mkdir dir

Now configure externals on "dir" that point to non-existing URLs,
run svn commit, and do more checkouts and updates to see for yourself
what Subversion will do.

Stefan
Received on 2010-12-21 19:20:22 CET
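
The allow-list check suggested in this mail (reject any copy of the confidential tree unless it lands in the one permitted location), as an added example that is not part of the original message or of either poster's hook script. The paths trunk/ConfidentialFolder and branches/ConfidentialBranches are assumed from the thread's wording, and the sample svnlook output is constructed.

```python
#!/usr/bin/env python3
import subprocess
import sys

# Assumed layout (the thread does not give the real paths); adjust to your repository.
CONFIDENTIAL = "trunk/ConfidentialFolder"
ALLOWED_DEST = "branches/ConfidentialBranches"

# Constructed sample of `svnlook changed --copy-info` output, for offline testing.
SAMPLE = """\
A + branches/ConfidentialBranches/rel-1/
    (from trunk/ConfidentialFolder/:r7)
A + branches/oops/
    (from trunk/ConfidentialFolder/:r7)
A + branches/everything/
    (from trunk/:r7)
U   trunk/README
"""

def is_within(path, parent):
    """True if path equals parent or lies below it, compared on whole components."""
    path, parent = path.strip("/"), parent.strip("/")
    return not parent or path == parent or path.startswith(parent + "/")

def parse_copies(changed_output):
    """Yield (source, dest) for every copy in `svnlook changed --copy-info` output."""
    dest = None
    for line in changed_output.splitlines():
        if dest is not None and line.startswith("    (from "):
            # "    (from trunk/x/:r12)": drop the wrapper and the ":rN" suffix.
            yield line[10:].rstrip(")").rsplit(":r", 1)[0], dest
            dest = None
        else:
            # Column 2 is '+' when the added path carries copy history.
            dest = line[4:] if line[2:3] == "+" else None

def violations(changed_output):
    """Copies that would expose the confidential tree outside ALLOWED_DEST."""
    # A source "touches" the tree if it is the folder, inside it, or a parent of it.
    return [(src, dst) for src, dst in parse_copies(changed_output)
            if (is_within(src, CONFIDENTIAL) or is_within(CONFIDENTIAL, src))
            and not is_within(dst, ALLOWED_DEST)]

if __name__ == "__main__":  # invoked by Subversion as: pre-commit REPOS TXN
    out = subprocess.run(
        ["svnlook", "changed", "-t", sys.argv[2], "--copy-info", sys.argv[1]],
        check=True, capture_output=True, text=True).stdout
    for src, dst in (bad := violations(out)):
        sys.stderr.write(f"Copy of {src} to {dst} rejected; use /{ALLOWED_DEST}/\n")
    sys.exit(1 if bad else 0)
```

Copying a parent such as trunk is treated as copying the confidential folder too, and a failing svnlook call raises, so the hook exits non-zero and the commit is refused.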

This is an archived mail posted to the Subversion Users mailing list.
