Having more than three phases (was RFC: Phase UI (revset, phase command and others))

Steven Brown stevengbrown at gmail.com
Sun Jan 8 18:07:28 CST 2012


On 9 January 2012 02:56, Jason Harris <jason at jasonfharris.com> wrote:
>
> On Jan 8, 2012, at 2:51 PM, Pierre-Yves David wrote:
>
>> On Sun, Jan 08, 2012 at 11:59:43AM +0100, Laurens Holst wrote:
>>> Op 7-1-2012 18:05, David Pierre-Yves schreef:
>>>>
>>>> Secret changeset are not indiscoverable secret in many ways. For
>>>> example you can pull them anyway if you explicitly  ask the server
>>>> for them. The secret phase is more a safety to prevent unexpected
>>>> pushing/pull some changeset, relying on them to keep stuff
>>>> undisclosed is wrong assumption and the name is probably bad then.
>>>
>>> But the cryptographic nature of changeset IDs prevents this from
>>> exposing information about the existence of these changeset IDs.
>>
>> I do not understand what you mean there
>>
>>> Of course it is true that it’s not really great that if you somehow
>>> retrieved the changeset ID, you are able to retrieve the whole
>>> changeset. So if you’d ask me this shouldn’t be possible either
>>> (what’s the use case for allowing it?).
>>>
>>> Why is this a wrong assumption, why wouldn’t we guarantee that
>>> secret changesets are actually that, secret? I think that would be a
>>> great and very useful property.
>>
>> The current mercurial code base work that way. The implementation of "secret
>> changeset" so far does no do anything else that pruning them from discovery
>> mechanisme.
>
> So again I think the name "secret" is then bad. Laurens has taken the command
> at it's face value, (as I would) and then is rightly complaining that something secret
> is not actually "secret". Better names might be:
>
> private / draft / public
>
> private / draft / complete
>
> unshared / draft / complete
>
> etc. But unless secret is actually, well secret, then it's likely not such a good name.
>
> (BTW thanks for going through all this work! )

Secret is an intuitive name for me. One of the things you can do with
a secret is to tell it to someone.

I find that private and unshared are less accurate. They both imply
that no-one else can see it.

>> Enforcing really secret changeset is much more work. Being certain it is
>> perflecty secure is an utopia.
>>
>> As code do not wrote himself over night the current behavior is likely to stay
>> as is. Except if someone really what such guarantee to exists so much that he
>> wrote code that implement them.
>>
>> On the other hand people can just use separated clone to keep your private stuff
>> unexposed and secure.
>
> Cheers,
>  Jas
> _______________________________________________
> Mercurial-devel mailing list
> Mercurial-devel at selenic.com
> http://selenic.com/mailman/listinfo/mercurial-devel


More information about the Mercurial-devel mailing list