| 1 |
Dnia 2014-09-20, o godz. 21:20:34 |
| 2 |
Rich Freeman <rich0@g.o> napisał(a): |
| 3 |
|
| 4 |
> On Sat, Sep 20, 2014 at 8:58 PM, Gordon Pettey <petteyg359@×××××.com> wrote: |
| 5 |
> > You're following the wrong train down the wrong tracks. Git [0-9a-f]{40} is |
| 6 |
> > to CVS 1[.][1-9][0-9]+. You're arguing that CVS is more secure because its |
| 7 |
> > commits are sequential numbers. |
| 8 |
> |
| 9 |
> Ulrich is well-aware of that. His argument is that with cvs there is |
| 10 |
> no security whatsoever in the scm, and so there is more interest in |
| 11 |
> layering security on-top. With git there is more of a tendency to |
| 12 |
> rely on the less-than-robust commit signing system. |
| 13 |
> |
| 14 |
> We could always just keep full manifests in the tree and be no worse |
| 15 |
> off than with cvs. |
| 16 |
|
| 17 |
And we would be no better off than with CVS. We'd have huge repository |
| 18 |
with a lot of redundant space-eating data and the impossibility of sane |
| 19 |
merges or rebases. |
| 20 |
|
| 21 |
-- |
| 22 |
Best regards, |
| 23 |
Michał Górny |
Archives