please check out weave-format branch

John Arbash Meinel john at arbash-meinel.com
Thu Sep 22 18:33:52 BST 2005


Martin Pool wrote:
> Hi,
> 
> My branch using the weave format is just about ready for adoption.  If
> you would like a copy you can either pull or rsync from
> http://bazaar-ng.org/bzr/bzr.newformat, or get this tarball:
> 
>   http://bazaar-ng.org/pkg/snapshot/bzr-0.1pre-1374.tgz
> 
> As test data, a copy of the bzr history converted to weaves is here:
> 
>   http://bazaar-ng.org/pkg/snapshot/bzr.newformat.asweaves-20050922.tgz
> 
> (The uncompressed history size shrunk from 101MB to 6.8MB).
> 
> Existing branches can be converted using the 'tools/history2weaves.py'
> script (which should be changed to run from the upgrade command.) 
> This upgrades a branch in place; make a copy first.
> 
> --
> Martin
> 
> 

Next part:

3) You removed "parent_sha1" from the revision XML. So now we reference
a parent only by it's revision id, rather than both id and sha1 hash. I
realize that it makes upgrading easier (since you no longer have a hash
which is invalidated), but it raises potential security concerns. These
may not be major, but you can fake the ancestry if you remove the sha1.

If a hacker can get his version of your parent injected into the system,
 then he can change the ancestry. At first, this just seems that it
would mess up the merge command, since it can't find an appropriate
merge base. But also if you ever just try to do "merge just the changes
for this revision against its parent" (cherry picking, which bzr may or
may not ever support), then the hacker has quite a bit of freedom about
what sort of diff would be created. There isn't a lot of freedom, and I
don't know what kind of dangerous stuff could be done, but it seems like
a potential leak.

I kind of liked the fact that for a given revision, all of the ancestry
up to that point was contained in its hash. Because it had a hash of its
parents, who have a hash of their parents, all the way back to the Null
revision.

Now it does mean when you upgrade, if you change anything, you have to
change all of the children, and their children, etc. To me it seems like
a fair tradeoff (because when you upgrade, you pretty much have to
change everything anyway).

John
=:->
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 256 bytes
Desc: OpenPGP digital signature
Url : https://lists.ubuntu.com/archives/bazaar/attachments/20050922/76387403/attachment.pgp 


More information about the bazaar mailing list