Gentoo Archives: gentoo-dev

From: "Tiziano Müller" <dev-zero@g.o>
To: gentoo-dev@l.g.o
Subject: Re: [gentoo-dev] [RFC] DIGESTS metadata variable for cache validation
Date: Sat, 07 Feb 2009 22:32:06
Message-Id: 1234045916.24784.1373.camel@localhost
In Reply to: [gentoo-dev] [RFC] DIGESTS metadata variable for cache validation by Zac Medico
Am Montag, den 02.02.2009, 12:34 -0800 schrieb Zac Medico:
> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hi, > > I'd like to add a new metadata cache value called DIGESTS which will > contain a space separated list of digests which can be > used to validate the metadata cache. Like INHERITED and > DEFINED_PHASES [1], it will be automatically generated. The first > digest in the list will correspond to the ebuild. If there are any > inherited eclasses, the digests of those eclasses will follow in a > space separated list, in the same order that they occur in the > INHERITED variable. The value of the DIGESTS variable will be on > line 18 of the metadata cache (just after DEFINED_PHASES). > > For the digest format, I suggest that we use the leftmost 10 > hexadecimal digits of the SHA-1 digest. The rationale for limiting > it to 10 digits (out of 40) is to save space. Due to the avalanche > effect [2], 10 digits should be sufficient to ensure that problems > resulting from hash collisions are extremely unlikely.
I'd recommend to prefix the digest with a "{TYPE}" (like for hashed passwords) to be able to change the digest algorithm as needed (especially in regards to the current SHA successor competition). This allows a future package manager which might use SHA-3 for hashing (once it's released) to still check old digests. Furthermore it would allow for easier transition and only needs a definition of allowed hashes instead of a specific one.
> > The primary reason to use a digest for cache validation instead of a > timestamp is that it allows the cache validation mechanism to work > even if the tree is distributed with a protocol that does not > preserve timestamps, such as git or subversion. This would make it
Well, usually you don't keep intermediate or generated files in a VCS, so why the metadata?
> possible to distribute metadata cache directly from git and > subversion repositories (among others). Since a digest is inherently > more expensive to obtain than a timestamp, package managers may use > the Manifest entries as a digest cache, in order to avoid the need > to compute digests of ebuilds during dependency calculations. > > Does the suggested approach seem reasonable? Would anybody like to > suggest any changes?
Cheers, Tiziano -- ------------------------------------------------------- Tiziano Müller Gentoo Linux Developer, Council Member Areas of responsibility: Samba, PostgreSQL, CPP, Python, sysadmin E-Mail : dev-zero@g.o GnuPG FP : F327 283A E769 2E36 18D5 4DE2 1B05 6A63 AE9C 1E30

Attachments

File name MIME type
signature.asc application/pgp-signature

Replies