|
| From: | Eric S. Johansson |
| Subject: | [Monotone-devel] Re: newcomer thoughts and questions (self hosting, CVS) |
| Date: | Thu, 06 May 2004 14:49:10 -0400 |
| User-agent: | Mozilla Thunderbird 0.6 (Windows/20040502) |
Joel Rosdahl wrote:
"Eric S. Johansson" <address@hidden> writes: [Only replying to some of your questions.]
some responses are better than none. I really appreciate you taking the time to reply.
[...] On running your own server, it looks like you have your own equivalent of pserver but I am uncomfortable with how authentication seems to be handled. It seems very ad hoc, at least that's my impression from the documentation.Authentication is done by checking the client's cryptographic key (which have been added to the server database explicitly by the server administrator) and authorization is done by calling a user-defined LUA function that determines whether the client is authorized. (But you probably already knew that.) Simple, but powerful, I think. Why are you uncomfortable with it?
what you described is is the very thing that makes me uncomfortable. I should be able to say something like "include Fred, Barney, Wilma" and have their keys merged into the authentication authorization environment. Writing code in language I don't know to do something as important as permissions authorization... doesn't look like a recipe for success.
I have no problem with the hook being there but expecting a new user to craft good authentication code makes me very uncomfortable.
by the way, I have this code already in Python so I have a wee bit of a clue on the topic. I won't claim more than that however. ;-)
Yes, that's correct. Older versions of Monotone had a different networking subsystem which handled patch queues and transmission to destination network servers using HTTP, NNTP or SMTP.
OK, so my memory wasn't totally bad. I later saw that darcs had the SMTP update transport as well.
I'm hoping that some of the other questions can get answered especially the cvs interoperability. I do admit to feeling extremely wedged about making a move to a non cvs archive when I have a fair amount of users counting on that archive for at least a read-only source. I'm really wedged on this point of how to leave cvs behind when I can't make the cvs archive go away (i.e. sourceforge).
I think were also going to need to figure out how to communicate distributed development and the ability to create multiple threads and then rejoin them. For example, I'm thinking of IP cop (a project I worked on a while ago). I would love to create a deviation branch that I share with a few other developers and then when we are done with our changes, merge it all back into a common thread which then gets merged back into the official thread and server.
Another example is I am working on the camram web site (hybrid sender-pays anti-spam system) and I have two developers who make the changes and then tell me when it's done so I can review and upload. The two of them don't need to use my repository but can share back and forth (SMTP would be really useful here since their AUPs preclude providing services) and then when they are done, they can check into the main repository.
anyway, I'm still trying to wrap my head around the various distributed versioning systems. ---eric
| [Prev in Thread] | Current Thread | [Next in Thread] |