[PATCH]: Optional explanation for options
Jan Hudec
bulb at ucw.cz
Wed Sep 21 06:05:12 BST 2005
On Tue, Sep 20, 2005 at 20:30:50 +1000, Andrew Bennetts wrote:
> On Tue, Sep 20, 2005 at 09:27:18AM +0200, Jan Hudec wrote:
> [...]
> >
> > SVK does a diff with a base64 blob at the end. Perhaps bazaar could use
> > some similar approach -- use normal diff chunks for text files,
> > base64-encoded binary diff chunks for binary files and a blob of base64
> > data with the signatures, checksums and such. They could be just pickle
> > dump of the data.
>
> Pickles are poor serialisation mechanism for this sort of task:
>
> * they're not portable to non-python code.
> * it's not safe to unpickle pickles from an untrusted source, because
> unpickling can execute more-or-less arbitrary python code.
>
> There are other minor issues I could mention, but those are the two killers
> for bzr, I think.
Note that I said they "could". It can use any serialization format. YAML or
XML or something (and these two wouldn't even need to be base-64 encoded). Or
just a list of key-value pairs, if there are no structured values.
--
Jan 'Bulb' Hudec <bulb at ucw.cz>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : https://lists.ubuntu.com/archives/bazaar/attachments/20050921/c4c2bcba/attachment.pgp
More information about the bazaar
mailing list