lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Sun, 28 Apr 2013 14:12:39 -0700
From:	Junio C Hamano <gitster@...ox.com>
To:	Michael Haggerty <mhagger@...m.mit.edu>
Cc:	shawn wilson <ag4ve.us@...il.com>, git@...r.kernel.org,
	Linux Kernel <linux-kernel@...r.kernel.org>
Subject: Re: [ANNOUNCE] Git v1.8.3-rc0

Michael Haggerty <mhagger@...m.mit.edu> writes:

> On 04/27/2013 04:24 AM, shawn wilson wrote:
>> On Fri, Apr 26, 2013 at 8:22 PM, Junio C Hamano <gitster@...ox.com> wrote:
>> 
>>>  * There was no good way to ask "I have a random string that came from
>>>    outside world. I want to turn it into a 40-hex object name while
>>>    making sure such an object exists".  A new peeling suffix ^{object}
>>>    can be used for that purpose, together with "rev-parse --verify".
>>>
>> 
>> What does this mean / what is the reason behind this? I can only think
>> it might be useful in a test suite to make sure git isn't doing
>> anything stupid with hashes...?
>
> The topic is discussed here:
>
> http://git.661346.n2.nabble.com/Bug-in-quot-git-rev-parse-verify-quot-td7580929.html
>
> As discussed in the thread, when verifying that an argument names an
> existing object, it is usually also appropriate to verify that the named
> object is of a particular type (or can be converted to a particular
> type), which could already be done with syntax like
> "$userstring^{commit}".  But if, for example, you want to avoid
> unwrapping tags but also want to verify that the named object really
> exists, "$userstring^{object}" now provides a way.
>
> And what do you have against test suites? :-)

And it is not about test in the first place.  Git is designed to be
scriptable, and it is not unreasonable for a scripted Porcelain to
want to learn the full object name of the object that is referred to
by a string that it suspects may be an object name.  Perhaps you are
feeding the entire git mailing list archive to a script that picks
up any object name in the messages and tallying the number of times
each object is mentioned.  Then you would want to key the table that
counts the number of appearances for each object with the object
name, because different message may spell the name of the same
object differently, e.g. f9fc12cf3, v1.8.3-rc0, etc.  With a helper
function "found_one_more_instance" that records the fact you saw
another mention of an object, such a program may do something like
this:

	tokenize_git_mailing_list_message |
        while read userstring
        do
		canonical=$(git rev-parse $userstring^{object}) &&
	        found_one_more_instance "$canonical"
	done

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ