From: zimoun <zimon.toutoune@gmail.com>
To: Liliana Marie Prikler <liliana.prikler@gmail.com>,
Mark H Weaver <mhw@netris.org>,
guix-devel@gnu.org
Subject: Re: On raw strings in <origin> commit field
Date: Tue, 04 Jan 2022 00:00:05 +0100 [thread overview]
Message-ID: <864k6ke87e.fsf@gmail.com> (raw)
In-Reply-To: <0fff4aa2b320a82905c4b6bd43f7cd3d6e7493c6.camel@gmail.com>
Hi Liliana,
On Mon, 03 Jan 2022 at 21:19, Liliana Marie Prikler <liliana.prikler@gmail.com> wrote:
> That's not the case I'm making here. The case I'm making is that Git
> considers some content content, which Guix does not consider content.
> If I push the same file to two branches, once with the commit message
> "Hello Mark" and once with "Hello Simon", they're the same file to
> Guix, but different files to Git.
You are saying what I predicted you will say :-) ; here I quote myself:
The statement «Git commit hashes do not just depend on the
content» is wrong. Specifically, it is by adding more
well-chosen content that the hash is tricked. Now, Liliana, you
can define “content“ by useful content opposed as meta-content,
etc. Well, it is fine but the statement still appears to me
wrong because Git commit hash only depends on the content
itself.
<https://yhetil.org/guix/86bl0url52.fsf@gmail.com>
Sorry, I used meta-content instead of “content content”. :-) In all
cases, that is part of the content that is hashed. Well, maybe I
appears picky but I feel there is a fundamental misunderstanding
somewhere. :-)
Just let recap. :-) You wrote, full quotation:
Git commit hashes do not just depend on the content. They also
depend on how much effort you put into solving a proof of work
challenge that won't ever earn you crypto coins [1].
<https://yhetil.org/guix/3d448fe42f0c43574db96fa26aecd7da5fd5a95d.camel@gmail.com>
And the statement is incorrect, especially in the light of your last
comment. If you read my first email, I took the example:
$ cat /tmp/foo.txt | git hash-object --stdin
557db03de997c86a4a028e1ebd3a1ceb225be238
<https://yhetil.org/guix/86y243kdoo.fsf@gmail.com>
where there is no “content content” (using your own word). Git is a
serializer, NAR is another. The content that you serialize does not
matter,
$ echo hello > hello.txt
$ cat hello.txt | git hash-object --stdin
ce013625030ba8dba906f756967f9e9ca394464a
$ guix hash -S git -H sha1 -f hex hello.txt
ce013625030ba8dba906f756967f9e9ca394464a
Or using the default format and hash function, comparing Git and Nar
serializers:
$ guix hash -S nar hello.txt
04zwf782yjwnh3q6hz5izfd6jyip8kgw6g6yj43fiqhbyhdd0dqw
$ guix hash -S git hello.txt
1d7bp5nmgpi5j1ikglw3l7ry7dzczlhp8wl79arl75g2kqyxiy1c
The content can be one file, some files, folders, etc. or Git objects
as Git commit object or Git tree object or whatever. Therefore, Git
commit hash only depends on the content itself, i.e., Git commit object;
as explained by the pointer provided earlier in the thread,
<https://git-scm.com/book/en/v2/Git-Internals-Git-Objects>
On the other hand, we could build our own Guix-DVCS using
NAR+SHA-256+Nix-base32 instead of Git Git+SHA-1+Hex. ;-)
Last, identifier is different from integrity checksum. Especially, if a
collision is possible, then it invalidates the integrity checksum. A
collision for an identifier does not matter so much security-wise,
because it just implies that the lookup is not unique or that one
content is unreachable. Well, collision is for sure an issue and can
break the content-address system, even can lead to security troubles for
extreme cases, but also for sure, it does not change the relation
between Git commit hash and content.
For the rest, it does not matter if we agree or not because this
discussion is far to cook the rice – well there is no concrete
outcomes. Your last paragraph,
Once again, there are tangible benefits to using a (let-bound)
commit inside a <git-reference>, particularly if you have a
strong reason to believe that an upstream might be unreliable.
However, virtually all of these go down the drain if you do not
do so in tandem with git- version.
is an acceptable ending. :-) Therefore, from my side, I consider it as a
final word.
Cheers,
simon
next prev parent reply other threads:[~2022-01-03 23:03 UTC|newest]
Thread overview: 63+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-12-28 20:55 On raw strings in <origin> commit field Liliana Marie Prikler
2021-12-29 8:39 ` zimoun
2021-12-29 20:25 ` Liliana Marie Prikler
2021-12-30 12:43 ` zimoun
2021-12-31 0:02 ` Liliana Marie Prikler
2021-12-31 1:23 ` zimoun
2021-12-31 3:27 ` Liliana Marie Prikler
2021-12-31 9:31 ` Ricardo Wurmus
2021-12-31 11:07 ` Liliana Marie Prikler
2021-12-31 12:31 ` Ricardo Wurmus
2021-12-31 13:18 ` Liliana Marie Prikler
2021-12-31 13:15 ` zimoun
2021-12-31 15:19 ` Liliana Marie Prikler
2021-12-31 17:21 ` zimoun
2021-12-31 20:52 ` Liliana Marie Prikler
2021-12-31 23:36 ` Mark H Weaver
2022-01-01 1:33 ` Liliana Marie Prikler
2022-01-01 5:00 ` Mark H Weaver
2022-01-01 10:33 ` Liliana Marie Prikler
2022-01-01 20:37 ` Mark H Weaver
2022-01-01 22:55 ` Liliana Marie Prikler
2022-01-02 22:57 ` Mark H Weaver
2022-01-03 21:25 ` Liliana Marie Prikler
2022-01-03 23:14 ` Mark H Weaver
2022-01-04 19:55 ` Liliana Marie Prikler
2022-01-04 23:42 ` Mark H Weaver
2022-01-05 9:28 ` Mark H Weaver
2022-01-05 20:43 ` Liliana Marie Prikler
2022-01-06 10:38 ` Mark H Weaver
2022-01-06 11:25 ` Liliana Marie Prikler
2022-01-02 19:30 ` zimoun
2022-01-02 21:35 ` Liliana Marie Prikler
2022-01-03 9:22 ` zimoun
2022-01-03 18:13 ` Liliana Marie Prikler
2022-01-03 19:07 ` zimoun
2022-01-03 20:19 ` Liliana Marie Prikler
2022-01-03 23:00 ` zimoun [this message]
2022-01-04 5:23 ` Liliana Marie Prikler
2022-01-04 8:51 ` zimoun
2022-01-04 13:15 ` zimoun
2022-01-04 19:45 ` Liliana Marie Prikler
2022-01-04 19:53 ` zimoun
2021-12-31 23:56 ` Mark H Weaver
2022-01-01 0:15 ` Liliana Marie Prikler
2021-12-30 1:13 ` Mark H Weaver
2021-12-30 12:56 ` zimoun
2021-12-31 3:15 ` Liliana Marie Prikler
2021-12-31 7:57 ` Taylan Kammer
2021-12-31 10:55 ` Liliana Marie Prikler
2022-01-01 1:41 ` Mark H Weaver
2022-01-01 11:12 ` Liliana Marie Prikler
2022-01-01 17:45 ` Timothy Sample
2022-01-01 19:52 ` Liliana Marie Prikler
2022-01-02 23:00 ` Timothy Sample
2022-01-03 15:46 ` Ludovic Courtès
2022-01-01 20:19 ` Mark H Weaver
2022-01-01 23:20 ` Liliana Marie Prikler
2022-01-02 12:25 ` Mark H Weaver
2022-01-02 14:09 ` Liliana Marie Prikler
2022-01-02 2:07 ` Bengt Richter
2021-12-31 17:56 ` Vagrant Cascadian
2022-01-03 15:51 ` Ludovic Courtès
2022-01-03 16:29 ` Vagrant Cascadian
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=864k6ke87e.fsf@gmail.com \
--to=zimon.toutoune@gmail.com \
--cc=guix-devel@gnu.org \
--cc=liliana.prikler@gmail.com \
--cc=mhw@netris.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).