Having more than three phases (was RFC: Phase UI (revset, phase command and others))
David Pierre-Yves
marmoute at gmail.com
Sat Jan 7 11:05:52 CST 2012
On 3 janv. 12, at 11:55, Laurens Holst wrote:
> Op 03-01-12 10:38, Pierre-Yves David schreef:
>> On Thu, Dec 29, 2011 at 01:22:51PM -0600, Matt Mackall wrote:
>>> Not really sure why this is necessary. After all, we only share
>>> public and draft, so only the public/draft boundary every needs to
>>> be exposed remotely.
>> Exchanging secret boundary are actually useful to detect secret
>> changeset that
>> exist elsewhere. The current behavior when such (not so) secret
>> changeset are
>> detect is to set them in draft phase (at least).
>
> I think the secret boundary should not be exchanged. By sharing you
> do give away some information, that at that point in time a
> changeset with that ID existed. Secret should mean secret, and you
> shouldn’t share this kind of information.
Secret changeset are not indiscoverable secret in many ways. For
example you can pull them anyway if you explicitly ask the server for
them. The secret phase is more a safety to prevent unexpected pushing/
pull some changeset, relying on them to keep stuff undisclosed is
wrong assumption and the name is probably bad then.
> E.g. say I made something during company time, but wanted to keep it
> secret so I can push it when I’m at home and (technically) keep the
> copyrights on it. If my boss can then prove I made the changeset
> during work hours by showing server logs that contain the changeset
> ID, they’ve got a pretty strong case.
>
> I’ve seen people publicly blogging changeset IDs to prove that a
> change was made without disclosing the contents of the changeset (to
> defend against possible patent claims with prior art), so this kind
> of use is not unrealistic.
Allowing people to cheat theier boss while using a single mercurial
clone is really not in my requirement list for this feature. And I'll
not bend to death the way phases concept is implemented just to
fullfil it.
To bikeshred your example:
(1) The initial assumption that you will keep the copyright but
pushing it from home is wrong in many country.
(2) The fact that the hash show up in your bosses log does *not* mean
it was created during work hour
--
Pierre-Yves David
More information about the Mercurial-devel
mailing list