Re: [fossil-users] setting hash-policy via web UI
Thanks for the detailed replies. I will make the leap to v2.1 shortly. Thanks for Fossils-ha! On Thu, Mar 9, 2017 at 7:02 PM, Warren Youngwrote: > On Mar 9, 2017, at 3:11 PM, sky5w...@gmail.com wrote: > > > > I am asking since I would prefer to create new repo's with sha3 now > using fossil 2.1. > > That’s what you will get by default. You have to go out of your way with > Fossil 2.1+ to get a new SHA-1 based repo. > > > Then figure how to update/rebuild my older repo's using sha3? > > Upgrade to Fossil 2.1+, then say “fossil set hash-policy sha3” in each > repo where you want new content to be hashed with SHA-3. > > If all your local repos either need to be converted or are clones of > remote repos that will soon be shipping SHA-3 hashed artifacts (e.g. Fossil > itself), you can say “fossil all set hash-policy sha3” instead, upgrading > them all at once. > > Fossil 2.1+ will purposely not rewrite all the old artifacts with SHA-3 > hashes because that would break any intra-repository links, such as between > checkin comments and tickets, wiki articles and mentioned checkins, etc. > Only new content gets hashed with SHA-3 once its hash policy has been > switched to SHA-3, whether explicitly or implicitly. > > See the “firewall” thread if you’re worried about the consequences of > leaving the old content hashed with SHA-1. (Executive summary: relax.) > > Maybe someone will write a tool that rebuilds an old repo with all-SHA-3 > for those who aren’t worried about the intra-repository links. > ___ > fossil-users mailing list > fossil-users@lists.fossil-scm.org > http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users > ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
Re: [fossil-users] setting hash-policy via web UI
On Mar 9, 2017, at 3:11 PM, sky5w...@gmail.com wrote: > > I am asking since I would prefer to create new repo's with sha3 now using > fossil 2.1. That’s what you will get by default. You have to go out of your way with Fossil 2.1+ to get a new SHA-1 based repo. > Then figure how to update/rebuild my older repo's using sha3? Upgrade to Fossil 2.1+, then say “fossil set hash-policy sha3” in each repo where you want new content to be hashed with SHA-3. If all your local repos either need to be converted or are clones of remote repos that will soon be shipping SHA-3 hashed artifacts (e.g. Fossil itself), you can say “fossil all set hash-policy sha3” instead, upgrading them all at once. Fossil 2.1+ will purposely not rewrite all the old artifacts with SHA-3 hashes because that would break any intra-repository links, such as between checkin comments and tickets, wiki articles and mentioned checkins, etc. Only new content gets hashed with SHA-3 once its hash policy has been switched to SHA-3, whether explicitly or implicitly. See the “firewall” thread if you’re worried about the consequences of leaving the old content hashed with SHA-1. (Executive summary: relax.) Maybe someone will write a tool that rebuilds an old repo with all-SHA-3 for those who aren’t worried about the intra-repository links. ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
Re: [fossil-users] setting hash-policy via web UI
On 3/9/17, sky5w...@gmail.comwrote: > Confused a bit reading this...will Fossil 2.1 default to sha3 or sha1 > hardened? The default hash-policy is "auto", which means use Hardened-SHA1 for all repos that have only SHA1 artifacts, but promote to "sha3" in any repository that contains one or more SHA3 artifacts. So when working with legacy repositories, only Hardened-SHA1 artifacts are generated. But when you create a new repository using "fossil new" the initial check-in is SHA3 (unless you use the --sha1 command-line option) which causes the default "auto" to immediately promote to "sha3". -- D. Richard Hipp d...@sqlite.org ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
Re: [fossil-users] setting hash-policy via web UI
Confused a bit reading this...will Fossil 2.1 default to sha3 or sha1 hardened?http://www.fossil-scm.org/index.html/doc/trunk/www/hashpolicy.wiki"A Pure SHA3 FutureAt some point in the future, years from now, after everybody has finally upgraded to Fossil 2.0 or later, the default hash policy will probably change to "sha3", or maybe even "shun-sha1". By the time that happens, you will probably already be using SHA3 on all your projects and so you are unlikely to notice." I am asking since I would prefer to create new repo's with sha3 now using fossil 2.1. Then figure how to update/rebuild my older repo's using sha3? Is that even possible? On Thu, Mar 9, 2017 at 5:03 PM, Warren Youngwrote: > On Mar 9, 2017, at 3:00 PM, Warren Young wrote: > > > > Maybe then just a notice in Admin > Configuration or similar: “Hey, you > know you’ve got a repo that Fossil 1.x can’t read, right? Just checking.” > > It could be conditional based on the repository age, disappearing after a > week or a month. And the code to generate it can be removed once Fossil > 2.x is old enough that the chances of running into Fossil 1.x is tiny. > ___ > fossil-users mailing list > fossil-users@lists.fossil-scm.org > http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users > ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
Re: [fossil-users] setting hash-policy via web UI
On Mar 9, 2017, at 3:00 PM, Warren Youngwrote: > > Maybe then just a notice in Admin > Configuration or similar: “Hey, you know > you’ve got a repo that Fossil 1.x can’t read, right? Just checking.” It could be conditional based on the repository age, disappearing after a week or a month. And the code to generate it can be removed once Fossil 2.x is old enough that the chances of running into Fossil 1.x is tiny. ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
Re: [fossil-users] setting hash-policy via web UI
On Mar 9, 2017, at 2:59 PM, Richard Hippwrote: > > The "fossil new" command creates an initial, empty check-in which is > suppose to become the ancestor of all future check-ins. That check-in > will have a SHA3 hash, unless you use the --sha1 option on "fossil > new”. Maybe then just a notice in Admin > Configuration or similar: “Hey, you know you’ve got a repo that Fossil 1.x can’t read, right? Just checking.” ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
Re: [fossil-users] setting hash-policy via web UI
On 3/9/17, Warren Youngwrote: > On Mar 9, 2017, at 2:54 PM, Richard Hipp wrote: >> >> On 3/9/17, Warren Young wrote: >>> Our newbie may be setting up a repo that >>> they know needs to be accessible to Fossil 1.x clients, and they can’t >>> force >>> the upgrade. >> >> Our newbie is going to need to know about the --sha1 option to "fossil >> new". > > You’re saying that if I init a repo in SHA3 mode, then open it and > immediately go into Fossil UI, it’s already too late to change the hash > policy? > > I thought it wouldn’t be too late until the first commit happened. > > Is it because of the initial empty commit? The "fossil new" command creates an initial, empty check-in which is suppose to become the ancestor of all future check-ins. That check-in will have a SHA3 hash, unless you use the --sha1 option on "fossil new". And once you get one SHA3 artifact in the repo, legacy clients cannot handle it. -- D. Richard Hipp d...@sqlite.org ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
Re: [fossil-users] setting hash-policy via web UI
On Mar 9, 2017, at 2:54 PM, Richard Hippwrote: > > On 3/9/17, Warren Young wrote: >> Our newbie may be setting up a repo that >> they know needs to be accessible to Fossil 1.x clients, and they can’t force >> the upgrade. > > Our newbie is going to need to know about the --sha1 option to "fossil > new". You’re saying that if I init a repo in SHA3 mode, then open it and immediately go into Fossil UI, it’s already too late to change the hash policy? I thought it wouldn’t be too late until the first commit happened. Is it because of the initial empty commit? ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
Re: [fossil-users] setting hash-policy via web UI
On 3/9/17, Warren Youngwrote: >Our newbie may be setting up a repo that > they know needs to be accessible to Fossil 1.x clients, and they can’t force > the upgrade. Our newbie is going to need to know about the --sha1 option to "fossil new". Otherwise, the initial check-in created will use a SHA3 hash and the whole repository will be inaccessible to older clients. Adding a method to change the hash-policy later won't help that. -- D. Richard Hipp d...@sqlite.org ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
Re: [fossil-users] setting hash-policy via web UI
On Mar 9, 2017, at 2:24 PM, Richard Hippwrote: > > On 3/9/17, Eduard wrote: >> >> Are there plans to expose the 'hash-policy' configuration option for >> modification in the fossil web interface? > > No. I was hoping to avoid yet another configuration option that > people have to think about when setting up a new Fossil instance. > hash-policy is suppose to be automatic for most users. While I agree that the defaults are sensible and should rarely be changed, there are cases where a Fossil newbie would regret not finding this option until after commits have happened. Our newbie may be setting up a repo that they know needs to be accessible to Fossil 1.x clients, and they can’t force the upgrade. Other settings can be hidden away in the command line because the consequences of changing them are low. This option, though, is (*ahem*) a one-way function. (Thank you folks, I’ll be here all week. Try the veal.) If that argument makes you reconsider putting this in the UI, I think this setting would fit in quite nicely with what’s already in Admin > Configuration. As with the other sensible defaults there, its presence isn’t so much because it needs to be changed often, it’s because you want to be sure the user has had a chance to agree that the default is sensible early on. ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
Re: [fossil-users] setting hash-policy via web UI
On 3/9/17, Eduardwrote: > > Are there plans to expose the 'hash-policy' configuration option for > modification in the fossil web interface? > No. I was hoping to avoid yet another configuration option that people have to think about when setting up a new Fossil instance. hash-policy is suppose to be automatic for most users. -- D. Richard Hipp d...@sqlite.org ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
[fossil-users] setting hash-policy via web UI
Hello, Are there plans to expose the 'hash-policy' configuration option for modification in the fossil web interface? Best, Eduard ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users