On Mon, 3 Oct 2011 22:18:46 +0200 Jiří Techet techet@gmail.com wrote:
On Mon, Oct 3, 2011 at 20:21, Frank Lanitz frank@frank.uvena.de wrote:
On Mon, 3 Oct 2011 18:59:49 +0200 Jiří Techet techet@gmail.com wrote:
On Mon, Oct 3, 2011 at 17:28, Colomban Wendling lists.ban@herbesfolles.org wrote:
Hi all,
Now the release is out, it's time for the real migration. There's things to do then, and perhaps a few we still need to agree on.
Le 05/09/2011 23:05, Jiří Techet a écrit :
[...]
End of the long email finally! I tried to record all what needs to be done so nothing is forgotten once the real migration takes place because some of the stuff took some time to discover.
@Jiří: Would you mind doing the real export since you know have a little experience?
Sure, no problem. Just one thing I'd like to mention - I may be a security problem. During the export I can modify any commit (e.g. to send me the contents of the editor by email) and you probably won't notice. On the other hand, the good thing is that:
- I don't feel it's something I'd like to do (but you cannot be
sure I'm telling you the truth)
Well. We can verify the hash of source code after transition with the hash we do have signed on server or e.g. in our personal git repos.
No, I don't think you can - if you modify a commit in the past (and this will happen because older commits have to be added), the checksums of present commits change too. I don't know how exactly git computes the checksums but it takes history into account too so nobody can insert malicious commit without being noticed. This is also why it's important to get the conversion right because later changes are very problematic (all peoples personal clones become invalid).
I didn't mean the git hash of commit or tree, but comparing the hash of the tar of the working copies of current svn head and git head after.
Cheers, Frank