Re: [fossil-users] Show time...
On Mon, 4 Jun 2018 03:43:19 +0200 Stephan Beal wrote: > On Mon, Jun 4, 2018, 03:33 Richard Hipp wrote: > > > On 6/3/18, Richard Hipp wrote: > > > > > > So, if anybody sees any last minute tidying up that we need to do... > > > > For example, on the front page > > (https://fossil-scm.org/index.html/doc/trunk/www/index.wiki), what if > > I add some text to item 8 to talk about how Fossil is "Independent and > > not beholden to venture capitalists". Too snarky? > > > > Murphy's Law suggests that the moment you post that the moment you post > that, Microsoft, Google, or Oracle will make you an offer you can't refuse > (and that statement will remain part of the fossilized record). It is already on the mailing list now, probably already archived by various list archivers, so good luck with that one. ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
Re: [fossil-users] Show time...
- Paleo - Jurassic - Diatom - Trilobyte Better yet, find a term begining with 'C' so that you can have the 'C Versioning System.' On Wed, 6 Jun 2018 21:26:22 -0400 Eduard wrote: > I might enable public registration 'soon'. Now all I need is a catchy > name, like `chiselapp` :p ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
Re: [fossil-users] Show time...
On Jun 6, 2018, at 7:26 PM, Eduard wrote: > > Now all I need is a catchy name, like `chiselapp` :p I put my fossils in /museum. You are free to do the same. :) ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
Re: [fossil-users] Show time...
On 06/06/18 20:26, Eduard wrote: I might enable public registration 'soon'. Now all I need is a catchy name, like `chiselapp` :p There are plenty of fossil terms to choose from, for example archaeo. -- Andy Goth | ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
Re: [fossil-users] Show time...
I finished implementing UID-based segregation. You can view the resulting code here[1]. In particular, you may find the suid wrapper at `fossil/hydra_fossil_chroot_wrapper.c` useful for your own purposes. I've added a patch for safe Tcl (controlled by configure switch `--force-tcl-makesafe`). I've however left Tcl disabled altogether for two main reasons: - Tcl provides far too large an attack surface. - The Tcl interpreter needs access to its function library in `/usr/share/tcltk/tcl8.6/`, and I don't feel like messing with bind mounts right now to make it available. I might enable public registration 'soon'. Now all I need is a catchy name, like `chiselapp` :p [1] https://hydra.ecd.space/f/hydra/info/c34b243efda4fe2775d7c46f1d9b3cd1b2eb7190eb22933e469c7eb08fee5636 Cheers, Eduard ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
Re: [fossil-users] Show time...
On Tue, Jun 5, 2018, 23:19 Stéphane Aulery wrote: > > Barely one day and I have already received this link [1] by Hacker News > RSS feed. > > Maybe you can make your advocacy here. > > [1] https://tutswiki.com/github-alternatives/ Which reminds me: i saw an ad on SourceForge (remember them? The first platform of its kind?) offering git sync from github. - stephan Sent from a mobile device, possibly left-handed from bed. Please excuse brevity, typos, and top-posting. ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
Re: [fossil-users] Show time...
Hello, Le 05/06/2018 à 04:37, Roy Keene a écrit : Other things we do at ChiselApp: On Mon, 4 Jun 2018, Eduard wrote: I was planning on making a more official announcement, but here goes. I'm the developer of Hydra, a single-sign-on and manager for fossil repositories. https://hydra.ecd.space/f/hydra/wiki/hydra I think this is relevant as people may be looking to GitHub alternatives for multiproject hosting. Barely one day and I have already received this link [1] by Hacker News RSS feed. Maybe you can make your advocacy here. [1] https://tutswiki.com/github-alternatives/ Regards, -- Stéphane Aulery ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
Re: [fossil-users] Show time...
The other thing to keep in mind is that I want Fossil reposistories from the same user to be able to access the user's other repositories, since they could be part of a login group. On Tue, 5 Jun 2018, Eduard wrote: 1. Enable Safe interpreters for Tcl How did you do that? The flint repository doesn't seem to include the fossil build script. 2. Enforce that the SSH program cannot be run (by patching popen2() to return an error) Are you not using chroot to protect repositories from each other? 3. (Not complete, but started) run each instance of Fossil as a different UID based on their Flint UID+131072 That's actually the next thing on my TODO list -- I think it's a good idea! 1. Need to add the domain to the Public Suffix List (otherwise, you haven't mitigated the issue completely) I think the only security issue left vis-a-vis untrusted subdomains is that a malicious repository can insert thousands of junk cookies, displacing the login cookie on the secure subdomain and thus logging the user out. I think it's a mild annoyance at most. Feel free to contradict me on this. 2. Getting a wildcard cert I also put it off for the longest time. It turned out to be surprisingly easy to do, and in fact less annoying than http validation. Cheers, Eduard On 06/04/2018 10:37 PM, Roy Keene wrote: Other things we do at ChiselApp: 1. Enable Safe interpreters for Tcl 2. Enforce that the SSH program cannot be run (by patching popen2() to return an error) 3. (Not complete, but started) run each instance of Fossil as a different UID based on their Flint UID+131072 I thought about putting each repo under their own domain, but doing so requires a bit more work: 1. Need to add the domain to the Public Suffix List (otherwise, you haven't mitigated the issue completely) 2. Getting a wildcard cert On Mon, 4 Jun 2018, Eduard wrote: I was planning on making a more official announcement, but here goes. I'm the developer of Hydra, a single-sign-on and manager for fossil repositories. https://hydra.ecd.space/f/hydra/wiki/hydra I think this is relevant as people may be looking to GitHub alternatives for multiproject hosting. I've recently fixed the XSS/CSRF vulnerabilities inherent to hosting multiple repositories on the same domain (which also affect chiselapp), when setup privilege is given to malicious users (for the repositories they create) and they convince other people to visit their malicious repository while logged in. I've done this by using a separate subdomain for each repository, and by patching Fossil itself to receive the CSRF token from Hydra. More details here: https://static.ecd.space/x/hydra/doc/build/html/subdomains.html I've also done some security hardening by dropping each repository in a separate chroot (to contain damage from a potential arbitrary code execution vulnerability in fossil itself). (Sorry drh, I accidentally replied only to you instead of the mailing list.) On 06/03/2018 09:28 PM, Richard Hipp wrote: There is suddenly a big uptick in traffic to fossil-scm.org, apparently due to the recent GitHub rumor. Unlike that traditional "slashdot effect", though, the referrals seem to be coming for a large variety of sources. So, if anybody sees any last minute tidying up that we need to do to the website in anticipation of a huge influx of first-time visitors, please speak up. Quickly. ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
Re: [fossil-users] Show time...
The patch #1 is not a part of Flint, just ChiselApp -- Flint users supply their own Fossil with their specific requirements, which may not include safe Tcl. Attached are the two patches in question. On Tue, 5 Jun 2018, Eduard wrote: 1. Enable Safe interpreters for Tcl How did you do that? The flint repository doesn't seem to include the fossil build script. 2. Enforce that the SSH program cannot be run (by patching popen2() to return an error) Are you not using chroot to protect repositories from each other? 3. (Not complete, but started) run each instance of Fossil as a different UID based on their Flint UID+131072 That's actually the next thing on my TODO list -- I think it's a good idea! 1. Need to add the domain to the Public Suffix List (otherwise, you haven't mitigated the issue completely) I think the only security issue left vis-a-vis untrusted subdomains is that a malicious repository can insert thousands of junk cookies, displacing the login cookie on the secure subdomain and thus logging the user out. I think it's a mild annoyance at most. Feel free to contradict me on this. 2. Getting a wildcard cert I also put it off for the longest time. It turned out to be surprisingly easy to do, and in fact less annoying than http validation. Cheers, Eduard On 06/04/2018 10:37 PM, Roy Keene wrote: Other things we do at ChiselApp: 1. Enable Safe interpreters for Tcl 2. Enforce that the SSH program cannot be run (by patching popen2() to return an error) 3. (Not complete, but started) run each instance of Fossil as a different UID based on their Flint UID+131072 I thought about putting each repo under their own domain, but doing so requires a bit more work: 1. Need to add the domain to the Public Suffix List (otherwise, you haven't mitigated the issue completely) 2. Getting a wildcard cert On Mon, 4 Jun 2018, Eduard wrote: I was planning on making a more official announcement, but here goes. I'm the developer of Hydra, a single-sign-on and manager for fossil repositories. https://hydra.ecd.space/f/hydra/wiki/hydra I think this is relevant as people may be looking to GitHub alternatives for multiproject hosting. I've recently fixed the XSS/CSRF vulnerabilities inherent to hosting multiple repositories on the same domain (which also affect chiselapp), when setup privilege is given to malicious users (for the repositories they create) and they convince other people to visit their malicious repository while logged in. I've done this by using a separate subdomain for each repository, and by patching Fossil itself to receive the CSRF token from Hydra. More details here: https://static.ecd.space/x/hydra/doc/build/html/subdomains.html I've also done some security hardening by dropping each repository in a separate chroot (to contain damage from a potential arbitrary code execution vulnerability in fossil itself). (Sorry drh, I accidentally replied only to you instead of the mailing list.) On 06/03/2018 09:28 PM, Richard Hipp wrote: There is suddenly a big uptick in traffic to fossil-scm.org, apparently due to the recent GitHub rumor. Unlike that traditional "slashdot effect", though, the referrals seem to be coming for a large variety of sources. So, if anybody sees any last minute tidying up that we need to do to the website in anticipation of a huge influx of first-time visitors, please speak up. Quickly. ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users diff -uNr fossil-2.1.orig/src/th_tcl.c fossil-2.1-safeinterp/src/th_tcl.c --- fossil-2.1.orig/src/th_tcl.c2017-03-10 11:07:08.0 -0600 +++ fossil-2.1-safeinterp/src/th_tcl.c 2017-03-16 10:34:59.922893000 -0500 @@ -148,6 +148,9 @@ # ifndef TCL_CREATEINTERP_NAME #define TCL_CREATEINTERP_NAME "_Tcl_CreateInterp\0" # endif +# ifndef TCL_MAKESAFE_NAME +#define TCL_MAKESAFE_NAME "_Tcl_MakeSafe\0" +# endif # ifndef TCL_DELETEINTERP_NAME #define TCL_DELETEINTERP_NAME "_Tcl_DeleteInterp\0" # endif @@ -180,6 +183,7 @@ */ typedef void (tcl_FindExecutableProc) (const char *); typedef Tcl_Interp *(tcl_CreateInterpProc) (void); +typedef int (tcl_MakeSafeProc) (Tcl_Interp *interp); typedef void (tcl_DeleteInterpProc) (Tcl_Interp *); typedef void (tcl_FinalizeProc) (void); @@ -405,6 +409,7 @@ void *hLibrary; /* The Tcl library module handle. */ tcl_FindExecutableProc *xFindExecutable; /* Tcl_FindExecutable() pointer. */
Re: [fossil-users] Show time...
> 1. Enable Safe interpreters for Tcl How did you do that? The flint repository doesn't seem to include the fossil build script. > 2. Enforce that the SSH program cannot be run (by patching popen2() > to return an error) Are you not using chroot to protect repositories from each other? > 3. (Not complete, but started) run each instance of Fossil as a > different UID based on their Flint UID+131072 That's actually the next thing on my TODO list -- I think it's a good idea! > 1. Need to add the domain to the Public Suffix List (otherwise, > you haven't mitigated the issue completely) I think the only security issue left vis-a-vis untrusted subdomains is that a malicious repository can insert thousands of junk cookies, displacing the login cookie on the secure subdomain and thus logging the user out. I think it's a mild annoyance at most. Feel free to contradict me on this. > 2. Getting a wildcard cert I also put it off for the longest time. It turned out to be surprisingly easy to do, and in fact less annoying than http validation. Cheers, Eduard On 06/04/2018 10:37 PM, Roy Keene wrote: Other things we do at ChiselApp: 1. Enable Safe interpreters for Tcl 2. Enforce that the SSH program cannot be run (by patching popen2() to return an error) 3. (Not complete, but started) run each instance of Fossil as a different UID based on their Flint UID+131072 I thought about putting each repo under their own domain, but doing so requires a bit more work: 1. Need to add the domain to the Public Suffix List (otherwise, you haven't mitigated the issue completely) 2. Getting a wildcard cert On Mon, 4 Jun 2018, Eduard wrote: I was planning on making a more official announcement, but here goes. I'm the developer of Hydra, a single-sign-on and manager for fossil repositories. https://hydra.ecd.space/f/hydra/wiki/hydra I think this is relevant as people may be looking to GitHub alternatives for multiproject hosting. I've recently fixed the XSS/CSRF vulnerabilities inherent to hosting multiple repositories on the same domain (which also affect chiselapp), when setup privilege is given to malicious users (for the repositories they create) and they convince other people to visit their malicious repository while logged in. I've done this by using a separate subdomain for each repository, and by patching Fossil itself to receive the CSRF token from Hydra. More details here: https://static.ecd.space/x/hydra/doc/build/html/subdomains.html I've also done some security hardening by dropping each repository in a separate chroot (to contain damage from a potential arbitrary code execution vulnerability in fossil itself). (Sorry drh, I accidentally replied only to you instead of the mailing list.) On 06/03/2018 09:28 PM, Richard Hipp wrote: There is suddenly a big uptick in traffic to fossil-scm.org, apparently due to the recent GitHub rumor. Unlike that traditional "slashdot effect", though, the referrals seem to be coming for a large variety of sources. So, if anybody sees any last minute tidying up that we need to do to the website in anticipation of a huge influx of first-time visitors, please speak up. Quickly. ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
Re: [fossil-users] Show time...
Other things we do at ChiselApp: 1. Enable Safe interpreters for Tcl 2. Enforce that the SSH program cannot be run (by patching popen2() to return an error) 3. (Not complete, but started) run each instance of Fossil as a different UID based on their Flint UID+131072 I thought about putting each repo under their own domain, but doing so requires a bit more work: 1. Need to add the domain to the Public Suffix List (otherwise, you haven't mitigated the issue completely) 2. Getting a wildcard cert On Mon, 4 Jun 2018, Eduard wrote: I was planning on making a more official announcement, but here goes. I'm the developer of Hydra, a single-sign-on and manager for fossil repositories. https://hydra.ecd.space/f/hydra/wiki/hydra I think this is relevant as people may be looking to GitHub alternatives for multiproject hosting. I've recently fixed the XSS/CSRF vulnerabilities inherent to hosting multiple repositories on the same domain (which also affect chiselapp), when setup privilege is given to malicious users (for the repositories they create) and they convince other people to visit their malicious repository while logged in. I've done this by using a separate subdomain for each repository, and by patching Fossil itself to receive the CSRF token from Hydra. More details here: https://static.ecd.space/x/hydra/doc/build/html/subdomains.html I've also done some security hardening by dropping each repository in a separate chroot (to contain damage from a potential arbitrary code execution vulnerability in fossil itself). (Sorry drh, I accidentally replied only to you instead of the mailing list.) On 06/03/2018 09:28 PM, Richard Hipp wrote: There is suddenly a big uptick in traffic to fossil-scm.org, apparently due to the recent GitHub rumor. Unlike that traditional "slashdot effect", though, the referrals seem to be coming for a large variety of sources. So, if anybody sees any last minute tidying up that we need to do to the website in anticipation of a huge influx of first-time visitors, please speak up. Quickly. ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
Re: [fossil-users] Show time...
I was planning on making a more official announcement, but here goes. I'm the developer of Hydra, a single-sign-on and manager for fossil repositories. https://hydra.ecd.space/f/hydra/wiki/hydra I think this is relevant as people may be looking to GitHub alternatives for multiproject hosting. I've recently fixed the XSS/CSRF vulnerabilities inherent to hosting multiple repositories on the same domain (which also affect chiselapp), when setup privilege is given to malicious users (for the repositories they create) and they convince other people to visit their malicious repository while logged in. I've done this by using a separate subdomain for each repository, and by patching Fossil itself to receive the CSRF token from Hydra. More details here: https://static.ecd.space/x/hydra/doc/build/html/subdomains.html I've also done some security hardening by dropping each repository in a separate chroot (to contain damage from a potential arbitrary code execution vulnerability in fossil itself). (Sorry drh, I accidentally replied only to you instead of the mailing list.) On 06/03/2018 09:28 PM, Richard Hipp wrote: There is suddenly a big uptick in traffic to fossil-scm.org, apparently due to the recent GitHub rumor. Unlike that traditional "slashdot effect", though, the referrals seem to be coming for a large variety of sources. So, if anybody sees any last minute tidying up that we need to do to the website in anticipation of a huge influx of first-time visitors, please speak up. Quickly. ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
Re: [fossil-users] Show time...
On Jun 3, 2018, at 7:28 PM, Richard Hipp wrote: > > So, if anybody sees any last minute tidying up that we need to do to > the website in anticipation of a huge influx of first-time visitors, > please speak up. Quickly. There are several nits to pick on the Fossil vs. Git page: http://fossil-scm.org/index.html/doc/trunk/www/fossil-v-git.wiki I’ve just checked in a few minor fixes to it. One remaining issue that has been noticed before and is still outstanding is that in style.css, the rules for h2 and h3 have their sizes swapped, so that the subordinate header is rendered in a larger font. I believe the simplest fix is that this: .content h2 { font-size: 1.05em; font-weight: bold; } should be: .content h3 { font-size: 1.05em; } That is, we’ve got a simple typo here, h2 -> h3. There is no need to bold the font explicitly, as that’s the default in all sensible browsers, but it’s harmless to include it. If you feel it’s necessary to keep it, it should probably be done in h1 as well for consistency. Another issue, which is much bigger, is that because the section 3 points expand on the summary table, it makes much the same points repeatedly. Sections 3.3, 3.4, and 3.7 could be merged. Additionally, I think this document should explicitly ask the question, “Does your project look more like that of the Linux kernel, or more like that of SQLite?” The comment about the low-friction path addresses this somewhat, but I think the focus should be more on these design decisions’ impact on the end-user experience than on the history that lead to the decisions. I like the summary table, and I like the parallel to it in section 3, so maybe the simplest fix is to reorder these points to group them, then make these three sections 3.3.1, 3.3.2, and 3.3.3, with the superordinate section 3.3 covering the common matters. That in turn would require an h4 level, not something that is currently defined in style.css, but the default stylesheets should include not only that, but also h5. Section 3.6 should mention git-worktree as a partial solution to this relative weakness of Git, but also discuss its unfortunate consequences and remaining weaknesses: https://www.mail-archive.com/fossil-users@lists.fossil-scm.org/msg25686.html Section 4.1 repeats much of what’s in section 3. I think you could drop the explanatory paragraph below the first three bold bullet points, as they now need no explanation. I think timeline.rss is worth its own bullet point in section 4.1. It’s not strictly part of Fossil UI; that would be /timeline. In section 4.2, you should mention narrow and shallow clones. Git has them, Fossil doesn’t. ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
Re: [fossil-users] Show time...
Is ChiselApp not serious enough for you ? On Sun, 3 Jun 2018, Joseph R. Justice wrote: On Sun, Jun 3, 2018, 9:33 PM Richard Hipp wrote: On 6/3/18, Richard Hipp wrote: > > So, if anybody sees any last minute tidying up that we need to do... For example, on the front page (https://fossil-scm.org/index.html/doc/trunk/www/index.wiki), what if I add some text to item 8 to talk about how Fossil is "Independent and not beholden to venture capitalists". Too snarky? Neither is Git. The Fossil-based competition to GitHub would be, for instance, Chiselapp (IIRC). I dare say that the greatest beneficiary of this stuff is likely to be Gitlab. Is anybody doing any serious for-profit Fossil repository hosting yet? Joseph ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
Re: [fossil-users] Show time...
Adding the full-text-search to the header by default could be helpful; it's nice having repository search close-at-hand in GitHub/GitLab On Mon, Jun 4, 2018 at 2:23 AM, Gour wrote: > On Sun, 3 Jun 2018 20:03:44 -0700 > Jungle Boogie > wrote: > > > This line: > > SQLite project gets excellent 73:1 compression. > > $ fossil dbstat > project-name: Osobne financije > repository-size: 6,873,088 bytes > artifact-count:2,578 (stored as 1,394 full text and 1,184 deltas) > artifact-sizes:3,962,610 average, 13,965,692 max, 10,215,609,449 total > compression-ratio: 1486:1 > check-ins: 1,507 > ... > > :-) > > > Sincerely, > Gour > > -- > You have a right to perform your prescribed duty, but you > are not entitled to the fruits of action. Never consider > yourself the cause of the results of your activities, > and never be attached to not doing your duty. > > > ___ > fossil-users mailing list > fossil-users@lists.fossil-scm.org > http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users > ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
Re: [fossil-users] Show time...
On Sun, 3 Jun 2018 20:03:44 -0700 Jungle Boogie wrote: > This line: > SQLite project gets excellent 73:1 compression. $ fossil dbstat project-name: Osobne financije repository-size: 6,873,088 bytes artifact-count:2,578 (stored as 1,394 full text and 1,184 deltas) artifact-sizes:3,962,610 average, 13,965,692 max, 10,215,609,449 total compression-ratio: 1486:1 check-ins: 1,507 ... :-) Sincerely, Gour -- You have a right to perform your prescribed duty, but you are not entitled to the fruits of action. Never consider yourself the cause of the results of your activities, and never be attached to not doing your duty. ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
Re: [fossil-users] Show time...
On Sun 03 Jun 2018 9:28 PM, Richard Hipp wrote: > There is suddenly a big uptick in traffic to fossil-scm.org, > apparently due to the recent GitHub rumor. Unlike that traditional > "slashdot effect", though, the referrals seem to be coming for a large > variety of sources. > > So, if anybody sees any last minute tidying up that we need to do to > the website in anticipation of a huge influx of first-time visitors, > please speak up. Quickly. On the homepage: Maybe a blurb about using sha3 in light of what happened with sha1. Link to reports and/or stats page: https://www.fossil-scm.org/index.html/reports This is not to show off how active fossil itself is, but Github projects have the insights tab easily available. > > -- > D. Richard Hipp > d...@sqlite.org ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
Re: [fossil-users] Show time...
On Sun 03 Jun 2018 11:06 PM, Richard Hipp wrote: > On 6/3/18, Jungle Boogie wrote: > > On Sun 03 Jun 2018 10:47 PM, Richard Hipp wrote: > >> On 6/3/18, jungle Boogie wrote: > >> > > >> > Since it's linked from the homepage, maybe this can be updated to show > >> > that > >> > a) project website is still updated and b) to show fossil is still > >> > efficient. > >> > > >> > http://fossil-scm.org/index.html/doc/trunk/www/stats.wiki > >> > > >> > >> Updated. > > > > This line: > > SQLite project gets excellent 73:1 compression. > > > > Chart now shows 80:1! Perhaps just 73:1 or better? > > I got 80:1 on a fresh clone. You get something different? No, the text under 'Analysis And Supplemental Data' shows the older 73:1. > -- > D. Richard Hipp > d...@sqlite.org ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
Re: [fossil-users] Show time...
On 6/3/18, Jungle Boogie wrote: > On Sun 03 Jun 2018 10:47 PM, Richard Hipp wrote: >> On 6/3/18, jungle Boogie wrote: >> > >> > Since it's linked from the homepage, maybe this can be updated to show >> > that >> > a) project website is still updated and b) to show fossil is still >> > efficient. >> > >> > http://fossil-scm.org/index.html/doc/trunk/www/stats.wiki >> > >> >> Updated. > > This line: > SQLite project gets excellent 73:1 compression. > > Chart now shows 80:1! Perhaps just 73:1 or better? I got 80:1 on a fresh clone. You get something different? -- D. Richard Hipp d...@sqlite.org ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
Re: [fossil-users] Show time...
On Sun 03 Jun 2018 10:47 PM, Richard Hipp wrote: > On 6/3/18, jungle Boogie wrote: > > > > Since it's linked from the homepage, maybe this can be updated to show that > > a) project website is still updated and b) to show fossil is still > > efficient. > > > > http://fossil-scm.org/index.html/doc/trunk/www/stats.wiki > > > > Updated. This line: SQLite project gets excellent 73:1 compression. Chart now shows 80:1! Perhaps just 73:1 or better? > -- > D. Richard Hipp > d...@sqlite.org ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
Re: [fossil-users] Show time...
On Sun 03 Jun 2018 9:28 PM, Richard Hipp wrote: > There is suddenly a big uptick in traffic to fossil-scm.org, > apparently due to the recent GitHub rumor. Unlike that traditional > "slashdot effect", though, the referrals seem to be coming for a large > variety of sources. > > So, if anybody sees any last minute tidying up that we need to do to > the website in anticipation of a huge influx of first-time visitors, > please speak up. Quickly. > Perhaps expand point #2 to talk about themes/skins built into fossil, and a link to the URL where the user can browse the examples. You might consider remove or moving the 'Fuel' link down the list. There sadly hasn't been an update to the repo since Oct 2015. > -- > D. Richard Hipp > d...@sqlite.org ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
Re: [fossil-users] Show time...
On 6/3/18, Joseph R. Justice wrote: > > Neither is Git. > The point is that Fossil comes bundled with many of the same features as GitHub/GitLab. So the comparison is no so much of Fossil-vs-Git, but Fossil-vs-Git(Hub|Lab). -- D. Richard Hipp d...@sqlite.org ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
Re: [fossil-users] Show time...
On 6/3/18, jungle Boogie wrote: > > Since it's linked from the homepage, maybe this can be updated to show that > a) project website is still updated and b) to show fossil is still > efficient. > > http://fossil-scm.org/index.html/doc/trunk/www/stats.wiki > Updated. -- D. Richard Hipp d...@sqlite.org ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
Re: [fossil-users] Show time...
On Sun, Jun 3, 2018, 9:33 PM Richard Hipp wrote: > On 6/3/18, Richard Hipp wrote: > > > > So, if anybody sees any last minute tidying up that we need to do... > > For example, on the front page > (https://fossil-scm.org/index.html/doc/trunk/www/index.wiki), what if > I add some text to item 8 to talk about how Fossil is "Independent and > not beholden to venture capitalists". Too snarky? > Neither is Git. The Fossil-based competition to GitHub would be, for instance, Chiselapp (IIRC). I dare say that the greatest beneficiary of this stuff is likely to be Gitlab. Is anybody doing any serious for-profit Fossil repository hosting yet? Joseph ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
Re: [fossil-users] Show time...
On 6:28PM, Sun, Jun 3, 2018 Richard Hipp wrote: > > There is suddenly a big uptick in traffic to fossil-scm.org, > apparently due to the recent GitHub rumor. Unlike that traditional > "slashdot effect", though, the referrals seem to be coming for a large > variety of sources. > > So, if anybody sees any last minute tidying up that we need to do to > the website in anticipation of a huge influx of first-time visitors, > please speak up. Quickly. > Since it's linked from the homepage, maybe this can be updated to show that a) project website is still updated and b) to show fossil is still efficient. http://fossil-scm.org/index.html/doc/trunk/www/stats.wiki > -- > D. Richard Hipp > d...@sqlite.org > ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
Re: [fossil-users] Show time...
On 03/06/18 20:28, Richard Hipp wrote: > There is suddenly a big uptick in traffic to fossil-scm.org, > apparently due to the recent GitHub rumor. Unlike that traditional > "slashdot effect", though, the referrals seem to be coming for a large > variety of sources. > > So, if anybody sees any last minute tidying up that we need to do to > the website in anticipation of a huge influx of first-time visitors, > please speak up. Quickly. > I think that would be fine to compile some "Powered by Fossil" projects, for the upcoming show time. Maybe that could be a growing list. GitHub is mostly famous by the projects there and their network effect, not because of the inherent goodness of Git. We, using self hosted repositories don't have such central place for visibility and FossilSCM could be that place. Maybe a custom made form (also powered by the Fossil SQL capabilities) could collect repos info (project name, important urls, and maybe some extra comments). This, of course would not be for last minute adds, but to benefit from the increased interest on Fossil that will come with the centralization wave comming from MS+GitHub news. Cheers, Offray ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
Re: [fossil-users] Show time...
Too snarky, IMHO. State the positive, let the reader figure the negative. Steve On 4 Jun 2018, 9:33 AM +0800, Richard Hipp , wrote: > On 6/3/18, Richard Hipp wrote: > > > > So, if anybody sees any last minute tidying up that we need to do... > > For example, on the front page > (https://fossil-scm.org/index.html/doc/trunk/www/index.wiki), what if > I add some text to item 8 to talk about how Fossil is "Independent and > not beholden to venture capitalists". Too snarky? > > -- > D. Richard Hipp > d...@sqlite.org > ___ > fossil-users mailing list > fossil-users@lists.fossil-scm.org > http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
Re: [fossil-users] Show time...
On 6/3/18, Richard Hipp wrote: > > So, if anybody sees any last minute tidying up that we need to do... For example, on the front page (https://fossil-scm.org/index.html/doc/trunk/www/index.wiki), what if I add some text to item 8 to talk about how Fossil is "Independent and not beholden to venture capitalists". Too snarky? -- D. Richard Hipp d...@sqlite.org ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users