Daniel Carrera <[email protected]> writes: > Hello, > > I tried using Monotone for a while, but I have now gone back to > Darcs. I just find it so convenient to make change A, then B, then C, > and then decide I want to modify or delete A and I can just do > it. It's great! > > But I do wish that Darcs had the integrity guarantees that Monotone > has (and apparently Git and Mercurial too). Does anyone know if there > has been any work in this area? It looks like a difficult problem. If > you can re-order patches, as you can with Darcs, I can't immediately > see how you can make a checksum that will work correctly whether a > repository has patches AB or patches B'A'.
Rather than a checksum, you can create a context file (string), which identifies a repository state uniquely. Note that AB and B'A' will (probably) have different context files. I don't know if that matters to your use case -- I don't really understand your use case. > You /could/ make it so that all patches are digitally signed. So, if > you download patch A, Darcs might modify it into A' before applying > it, but you can at least verify that A was written by Daniel Carrera > because it has his signature. Anyone know if that would be a difficult > feature? Darcs can certainly sign patches, though unfortunately this is only supported during transmission layer, *not* in the repository itself. This is done with darcs send --sign. Also note that (AFAIK) this only supports GPG signing, and not the centralized stuff (ca-thingy? I don't really know). I for one would certainly support any work to improve Darcs scanty trust models. In particular, it sounds like a good idea for patches to get signed at record (not send) time, and stay signed. _______________________________________________ darcs-users mailing list [email protected] http://lists.osuosl.org/mailman/listinfo/darcs-users
