From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp1.migadu.com ([2001:41d0:403:58f0::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms8.migadu.com with LMTPS id kOrfJ9ZJ+GXeEAEA62LTzQ:P1 (envelope-from ) for ; Mon, 18 Mar 2024 15:04:06 +0100 Received: from aspmx1.migadu.com ([2001:41d0:403:58f0::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp1.migadu.com with LMTPS id kOrfJ9ZJ+GXeEAEA62LTzQ (envelope-from ) for ; Mon, 18 Mar 2024 15:04:06 +0100 X-Envelope-To: larch@yhetil.org Authentication-Results: aspmx1.migadu.com; dkim=none ("invalid DKIM record") header.d=msavoritias.me header.s=20210930 header.b=WGYk6KHF; spf=pass (aspmx1.migadu.com: domain of "guix-devel-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-devel-bounces+larch=yhetil.org@gnu.org"; dmarc=fail reason="SPF not aligned (relaxed)" header.from=msavoritias.me (policy=none) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1710770646; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post:dkim-signature; bh=BDZ1LYdTP70HIiaLG4SeZiWQ6i4cgtC7x/CjOZk5+gc=; b=iI7+3CX+0qCfgLUs0BR66y/QKmewGaf1x2yg9WSvRlBEcjPVrXYnhodnLJTe24q/SAwRuy 6kwIkdn8Y1r2MzWXu8HRhEicdpOsijjYMQ3ryIRhI4qxW/yAR4AkdC6qTLibv8lgkPJ1qv tABDdEbQw0VyfmKhIddvcpKtE8TtVilQ1FzveAV8YLfq3RY5+6A320HJjcGmg2M5SX/+mf HOtR4a+96TyNE1ttyKxcAsNjt1O3lY6UZXDhJUD5A9I1cV8G2crpRpGm7PRano/hqsLiiI Ln69FUfht6z4R7/oD18k9im6QXbf9su4CS29neiqoHxsnuY8Ga5dzkXklHZxTg== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1710770646; a=rsa-sha256; cv=none; b=SSZECPQYyhT8+tex/hx/tQN1ouRFJNsOJK5FUd6IXiokh2Jw51a+VgmzDXiXIx/GHl27X/ vWr6EEGYrYYquNlORYDcgV2RXqRTC39l6jA8FyCVx9KzKiFljgMnM/pHdI/GnzxUdXcgWb wa92limXE8bI2KmIcsl6su+nZUqiol7zU7mlCMyn+iHfmWPcP0yrjo/m76eNcZgLh5Zfab 6YJ+emFecUxzmmsh5mED62MC6fJSqCZSYvS5JtCNG0EVBVHPU2AIY4vA5UVqzo59F3CLv6 YESnmMBAL/4B/5x1lrnaYZ77xPtF1joNwEYhZ5qRHWpR4EPyDubxheMp9rBW8w== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=none ("invalid DKIM record") header.d=msavoritias.me header.s=20210930 header.b=WGYk6KHF; spf=pass (aspmx1.migadu.com: domain of "guix-devel-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-devel-bounces+larch=yhetil.org@gnu.org"; dmarc=fail reason="SPF not aligned (relaxed)" header.from=msavoritias.me (policy=none) Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 17AA25A1F3 for ; Mon, 18 Mar 2024 15:04:06 +0100 (CET) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rmDaM-00006v-SP; Mon, 18 Mar 2024 10:03:30 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rmDaK-000060-Vc for guix-devel@gnu.org; Mon, 18 Mar 2024 10:03:29 -0400 Received: from mail.webarch.email ([81.95.52.48]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rmDaI-0005P9-PD for guix-devel@gnu.org; Mon, 18 Mar 2024 10:03:28 -0400 Received: from [127.0.0.1] (localhost [127.0.0.1]) by localhost (Mailerdaemon) with ESMTPSA id 8D0761A8D6CB; Mon, 18 Mar 2024 14:03:20 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=msavoritias.me; s=20210930; t=1710770605; h=from:subject:date:message-id:to:cc:mime-version:content-type: content-transfer-encoding:content-language:in-reply-to:references; bh=BDZ1LYdTP70HIiaLG4SeZiWQ6i4cgtC7x/CjOZk5+gc=; b=WGYk6KHFCnFNspcos0/u/sf0LVx+P1JUWjcwnrtlYGmXhc5XKZV23gG2i6IKqomDwSGG85 2kQ8/mFhjAE7sKLWjvwaCdM6kCp++GIC/rWihucirDxsj4m5h9Em9rZuJyYGvwE6KUuvPA tXKJivdWtyME6yvJLSfhqd6+v7/DwKCWbXCUo/Pdj3GsrUMU9iWxXVB81Or6isnQO2+u5N Ki0cf+SOFcPB1F7fF4/i2xCgZboAon5VLDR0G1h3znRuXOoxTKILXris0vs9gIOVV4Rty9 lxkDodDe/kwoxCbHKMXowiwXC3sNqkwbktDZmO6IaL5NY5e47pt7ybOE7VApBg== Message-ID: Date: Mon, 18 Mar 2024 16:03:20 +0200 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.15.0 Subject: Re: rewriting history; Was: Concerns/questions around Software Heritage Archive Content-Language: en-US To: Andreas Enge , Simon Tournier Cc: Attila Lendvai , Ian Eure , guix-devel References: <645b9b21-4923-eb23-7213-1c2cf5fe6850@fannys.me> <87sf0nwzl1.fsf@gmail.com> From: MSavoritias In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-Last-TLS-Session-Version: TLSv1.3 Received-SPF: pass client-ip=81.95.52.48; envelope-from=email@msavoritias.me; helo=mail.webarch.email X-Spam_score_int: -23 X-Spam_score: -2.4 X-Spam_bar: -- X-Spam_report: (-2.4 / 5.0 requ) BAYES_00=-1.9, DKIM_INVALID=0.1, DKIM_SIGNED=0.1, NICE_REPLY_A=-0.684, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: guix-devel@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+larch=yhetil.org@gnu.org Sender: guix-devel-bounces+larch=yhetil.org@gnu.org X-Migadu-Flow: FLOW_IN X-Migadu-Country: US X-Migadu-Spam-Score: -4.70 X-Spam-Score: -4.70 X-Migadu-Queue-Id: 17AA25A1F3 X-Migadu-Scanner: mx11.migadu.com X-TUID: 66QCT1jvGp8T On 3/18/24 15:35, Andreas Enge wrote: > Hello all, > > Am Mon, Mar 18, 2024 at 12:26:18PM +0100 schrieb Simon Tournier: >> Therefore, it would be more constructive if you come with a >> proof-of-concept allowing “history rewrite” and strong “software >> identification” property > the one thing I can think of, and which would allow time travel to coexist > with history rewriting, is an additional layer of metainformation. > > First of all, when rewriting history, all commits from the bifurcation > to an alternate universe must be signed again by the person doing the > "time split"; so there is a loss of information there. > > Second, we need to create a table that associates every old, lost commit > hash to the corresponding new commit hash; this should also be signed by > the person rewriting history. > > Of course this will have to be continued to the future: If Guix has n > commits and m history rewrites, then the m-th rewrite may have to create > a table of n entries that link commit hashes of the m-th rewrite to those > of the (m-1)-th rewrite. Total memory would become m*n entries. > > When doing time travel to a commit hash, one would need to check whether > it is available in the current, m-th history rewrite; if not, one would > need to look for it in the (m-1)-th rewrite and map it to a commit hash > in the m-th rewrite; if not, one would have to look for it in the (m-2)-th > rewrite and map it to a hash in the (m-1)-th rewrite, and then check > whether or not it has been overwritten in the m-th rewrite. The total > time complexity would be m look-ups in tables of size n each. > > > It is a lot of effort; and probably for little gain, since we cannot > eradicate each and every fork of the Guix git repo. The old data will > still be available at SWH, and probably at random forks on lots of random > forges all over the world. As Simon, I think that history, fundamentally, > cannot be rewritten: What has happened in the past, has happened in the > past. If you have done some public activity as the person known as X, and > then change your name to Y, you cannot prevent your past activity to be > known under identity X. Also, the time split would have to be publicly > documented somehow; if we add as rationale for a history rewrite "person X > is now known as Y", not much is gained compared to just keeping the old > commits. Not documenting the rationales for history rewrites would not help > to instill trust in the codebase, and probably not solve the problem either, > since it is quite likely that the request by person X to now be addressed > as Y will have been made on the mailing list or some other public forum. > > So my impression is that the .mailmap approach in the Guix project is a > good compromise between acknowledging the wish of people to be known under > identity Y, and what can reasonably be achieved to hide identity X. > > Well, there are things people can do individually: > 1) Use a pseudonym P from the start instead of X (which is admitted in > the Guix community, just look at a few of the names: there are pseudo- > nyms with clearly made-up first and last names, there are very obvious > one-word pseudonyms, and maybe some of the names that look like real > names are not from the persons' passports, who would know). > 2) This does not help, of course, if you are already known as X and want > to be known as Y. Then either you can somehow make the change publicly, > and transfer your reputation and also the information that you used > to be known as X, or disappear as X and reappear as a new person Y > and lose X's reputation. Doing both is impossible, I would say. > > Andreas > Rewriting history is the wrong question imo. I dont think a request to change all of the history of Guix will be accepted anyway. A much easier thing to do is to change the approach in the future. And let all the past history untouched. MSavoritias