[PATCH]: Optional explanation for options
Andrew Bennetts
andrew at canonical.com
Tue Sep 20 11:30:50 BST 2005
On Tue, Sep 20, 2005 at 09:27:18AM +0200, Jan Hudec wrote:
[...]
>
> SVK does a diff with a base64 blob at the end. Perhaps bazaar could use
> some similar approach -- use normal diff chunks for text files,
> base64-encoded binary diff chunks for binary files and a blob of base64
> data with the signatures, checksums and such. They could be just pickle
> dump of the data.
Pickles are poor serialisation mechanism for this sort of task:
* they're not portable to non-python code.
* it's not safe to unpickle pickles from an untrusted source, because
unpickling can execute more-or-less arbitrary python code.
There are other minor issues I could mention, but those are the two killers
for bzr, I think.
-Andrew.
More information about the bazaar
mailing list