On 2/23/2017 4:01 PM, Warren Young wrote:
The PHC scheme would allow Fossil to migrate to something stronger in a
backwards-compatible fashion:
https://github.com/P-H-C/phc-string-format/blob/master/phc-sf-spec.md
That is, if the hash argument in the F, P, and Q cards is not 40
On 2/24/17, Warren Young wrote:
> While poking around inside the Fossil DB, I came away with several
> questions:
>
> 1. What is event.euser? This column seems completely unused on my largest
> repository. (select distinct count(euser) from event == 0) I’ve tried
> grepping
While looking at the main /reports page (Timeline Events by User) on a
long-lived repo originally converted from Subversion (itself converted from
CVS), I saw some old user names that don’t match the user names currently
defined in Fossil’s user table. These were imported from our prior SCM(s)
On Thu, Feb 23, 2017 at 05:01:56PM -0700, Warren Young wrote:
> Second, there will be those who say we’ve covered all of this already,
> multiple times. I know, I was there. But now we have new data.
> Before, this sort of attack was theoretical only. Now it’s not only
> proven possible, it is
On Fri, Feb 24, 2017 at 10:27:11AM -0700, Warren Young wrote:
> What table did I miss updating? Where is “fossil clone” getting the old user
> names from?
From the blob table :)
Joerg
___
fossil-users mailing list
fossil-users@lists.fossil-scm.org
Are you saing:
contenthash = sha256(content);
identifier = sha256 (contenthash . blobtype . conentsize . content);
"blobtype" == cardtype ?
-bch
On 2/24/17, Joerg Sonnenberger wrote:
> On Thu, Feb 23, 2017 at 05:01:56PM -0700, Warren Young wrote:
>> Second, there will be
While poking around inside the Fossil DB, I came away with several questions:
1. What is event.euser? This column seems completely unused on my largest
repository. (select distinct count(euser) from event == 0) I’ve tried
grepping the source, and all I saw is a bunch of coalesce(user,euser)
On Feb 24, 2017, at 10:49 AM, Joerg Sonnenberger wrote:
>
> On Fri, Feb 24, 2017 at 10:27:11AM -0700, Warren Young wrote:
>> What table did I miss updating? Where is “fossil clone” getting the old
>> user names from?
>
> From the blob table :)
I assume you mean the U card in
On Fri, Feb 24, 2017 at 10:32:20AM -0800, bch wrote:
> Are you saing:
>
> contenthash = sha256(content);
> identifier = sha256 (contenthash . blobtype . conentsize . content);
>
> "blobtype" == cardtype ?
Yes.
Joerg
___
fossil-users mailing list
On Feb 24, 2017, at 10:37 AM, Joerg Sonnenberger wrote:
>
> On Thu, Feb 23, 2017 at 05:01:56PM -0700, Warren Young wrote:
>> But now we have new data.
>> Before, this sort of attack was theoretical only. Now it’s not only
>> proven possible, it is already within the ROI budget for
10 matches
Mail list logo