On 21.03.2011, at 12:40, Marcus Denker wrote: > > On Mar 21, 2011, at 12:23 PM, Sven Van Caekenberghe wrote: > >> >> On 21 Mar 2011, at 11:20, Bert Freudenberg wrote: >> >>> SqueakSource is simply a WebDAV server. All the versioning logic is local, >>> implemented in Monticello, so allowing overwrites is not really >>> SqueakSource's "fault". Besides, even if SqueakSource disallowed >>> overwriting a version (which it probably should) nothing would prevent >>> somebody else to upload a *new* version that did something bad. >> >> Yes versioning/naming is local and distributed, that is a feature. One >> cannot rely on the name alone. >> However, it is most certainly a bug that a server happily overwrites >> existing versions, a version control system should never do that. >> >> Your other points a valid, of course. >> >> > I think that "security" was not meant in the sense of accidentally loading > wrong code. More in the sense that one could just > delete all your code. Even though we have backups of the SqueakSource > filesystem, you don't want that, as it would be a > mess to repair. > > Marcus
IIRC SqueakSource keeps the old version as a separate file when "overwriting", so nothing is really lost. It's cumbersome to restore though indeed. - Bert -
