1 |
Rich Freeman <rich0@g.o> wrote: |
2 |
> On Sat, Jul 7, 2018 at 1:34 AM Martin Vaeth <martin@×××××.de> wrote: |
3 |
>> |
4 |
>> Biggest issue is that git signature happens by the developer who |
5 |
>> last commited which means that in practice you need dozens/hundreds |
6 |
>> of keys. |
7 |
> |
8 |
> This is untrue. [...] |
9 |
> It will, of course, not work on the regular git repo [...] |
10 |
> You need to use a repo that is signed by infra |
11 |
> (which typically includes metadata/etc as well). |
12 |
|
13 |
I was speaking about gentoo's git repository, of course |
14 |
(the one which was attacked on github), not about a Frankensteined one |
15 |
with metadata history filling megabytes of disk space unnecessarily. |
16 |
Who has that much disk space to waste? |
17 |
|
18 |
For the official git repository your assertions are simply false, |
19 |
as you apprently admit: It is currently not possible to use the |
20 |
official git repo (or the github clone of it which was attacked) |
21 |
in a secure manner. |
22 |
|
23 |
>> > unless you stick --force in your pull |
24 |
>> |
25 |
>> Unfortunately, it is not that simple: git pull --force only works if |
26 |
> [...] |
27 |
> You completely trimmed the context around my quote. [...] |
28 |
> they simply would not be pulled without --force. |
29 |
|
30 |
I was saying that they would not be pulled *with* --force either, |
31 |
because pull --force is not as strong as you think it is (it would |
32 |
have shown you conflicts to resolve manually). |
33 |
You would have to use the commands that I have posted. |
34 |
|
35 |
> You seem to be providing advice for how to do a pull with a shallow |
36 |
> repository |
37 |
|
38 |
No, what I said is not related to a shallow repository. It has to do |
39 |
with pulling a forced push, in general. |
40 |
|
41 |
>> At least since the ChangeLogs have been removed. |
42 |
>> IMHO it was the wrong decision to not keep them in the rsync tree |
43 |
>> (The tool to regenerate them from git was/is available). |
44 |
> |
45 |
> Changelogs are redundant with git, and they take a ton of space (which |
46 |
> of late everybody seems to be super-concerned about) |
47 |
|
48 |
Compared to the git history, they take very little space. |
49 |
If you squash the portage tree, it is hardly measurable. |
50 |
And with the ChangeLogs, rsync would still be a sane option for |
51 |
most users. Without ChangeLogs many users are unnecessarily forced |
52 |
to change and to sacrifice the space for git history. |
53 |
|
54 |
> and as a bonus they want them prepended to |
55 |
> instead of appended so that rsync resends the whole thing instead of |
56 |
> just the tail... |
57 |
|
58 |
Your implicit claim is untrue. rsync - as used by portage - always |
59 |
transfers whole files, only. |
60 |
|
61 |
> But, this was endlessly debated before the decision was made. |
62 |
|
63 |
The decision was about removing the ChangeLogs from the git |
64 |
repository. This was certainly the correct decision, because - |
65 |
as you said - the ChangeLogs *can* be regenerated from the |
66 |
git history and thus it makes no sense to modify/store them |
67 |
redundantly. |
68 |
|
69 |
But I was speaking about the distribution of ChangeLogs in rsync: |
70 |
Whenever the infrastructure uses egencache to generate the metadata, |
71 |
it could simply pass --update-changelogs so that rsync users |
72 |
still would have ChangeLogs: They cannot get them from git history. |
73 |
|
74 |
> My |
75 |
> point is that the sorts of people who like Gentoo would probably tend |
76 |
> to like git. |
77 |
|
78 |
"Liking" git does not mean that one has to use it also for things |
79 |
for which it brings nothing. And for most users none of its features |
80 |
is useful for the portage tree. With one exception: ChangeLogs. |
81 |
That's why I am adverising to bring them back to the rsync tree. |
82 |
|
83 |
> The "keys problem" has nothing to do with the security of git |
84 |
> verification, because those keys are not used by git verification on |
85 |
> the end-user side. |
86 |
|
87 |
Whoever is that git/developer affine that he prefers git despite |
88 |
it costs more disk space will certainly want to use the actual |
89 |
source repository and not a worse rsync-clone repository. |
90 |
|
91 |
> It probably should be a configurable option in repos.conf, but |
92 |
> honestly, forced pushes are not something that should be considered a |
93 |
> good practice. |
94 |
|
95 |
1. portage shouldn't decide about practices of overlays. |
96 |
2. also in the official gentoo repository force pushes happen |
97 |
occassionally. Last occurrence was e.g. when undoing the |
98 |
malevolent forced push ;) |
99 |
3. git pull fails not only for forced pushes but also in several |
100 |
other occassions; for instance, if your filesystem changed inodes |
101 |
numbers (e.g. squash + overlayfs after a resquash+remount). |
102 |
4. Even if the user made the mistake to edit a file, portage should |
103 |
not just die on syncing. |