[PATCH 1 of 4] schemas: add schemas to repositories

Durham Goode durham at fb.com
Wed Aug 7 17:40:11 CDT 2013


On 8/6/13 11:34 PM, "Angel Ezquerra" <angel.ezquerra at gmail.com> wrote:

>On Wed, Aug 7, 2013 at 2:28 AM, Durham Goode <durham at fb.com> wrote:
>> # HG changeset patch
>> # User Durham Goode <durham at fb.com>
>> # Date 1375827328 25200
>> #      Tue Aug 06 15:15:28 2013 -0700
>> # Node ID f6fca02b697a67bec6e6ca2c9a48d7c7d7f1d077
>> # Parent  3e34e7b223d10bbe8814f82d7a1f53575fe09096
>> schemas: add schemas to repositories
>>
>> This adds the concept of schemas to repositories. A schema is a
>>key/value pair
>> indicating alternative means of accessing the remote repository. For
>>example,
>> the largefiles extension might provide a schema such as:
>>
>> largefiles http://some.cdn.com/myrepo
>>
>> When a user interacts with the repository, if the client knows how to
>>handle
>> the largefiles schema, it will read the url and obtain largefiles from
>>the
>> url. Thus letting you serve large files from a CDN.
>>
>> The key difference between this and normal hgrc config options is that
>>it is
>> copied across to the client during clone/pull. So if a client clones
>>from
>> another client, they will also see the available schemas from the
>>original
>> server. The logic for clone/pull will happen in a later patch.
>>
>> This change enables an extension we're working on that will keep all of
>>the
>> file history on the server, and clients will all have shallow repos.
>
>Durham,
>
>have you had a look at the projrc extension? You can find it at
>http://mercurial.selenic.com/wiki/ProjrcExtension
>
>It seems to cover the use case you describe (if I understood what your
>extension does correctly) but it also seems to cover other important
>use cases.
>
>Basically, it lets you define a ".projrc" file which contains an hgrc
>configuration that is transmitted to the client on clone and pull. The
>client can configure which subset of the .projrc configuration is
>willing to accept, on a server by server basis, which is meant to make
>the extension as safe as such an extension can be (for example you can
>chose to never accept extension or hook configurations).
>
>This extension was developed by Martin Geisler for one of its clients
>(Lantiq) and I have been maintaining it. It is bundled with
>TortoiseHg.
>
>I wonder if perhaps bundling the projrc extension with mercurial would
>not cover your needs?
>
>Now, regarding your patch, if you still want to go ahead with your
>"schemas" file, perhaps it would be best if it had a more .hgrc like
>syntax (i.e. "key= value", rather than "key value")?
>
>Cheers,
>
>Angel
>

I wasn't aware of the projrc extension, but I did discuss that concept
internally and with Matt. I think the problem is that it just isn't secure
enough.  If one of our users is dumb and sets up "servers = *, include =
*", they could execute arbitrary code from bitbucket within our network.

Durham



More information about the Mercurial-devel mailing list