Re: [PATCH 09/10] fast-export: allow seeding the anonymized mapping

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, Jun 23, 2020 at 11:25 AM Jeff King <peff@xxxxxxxx> wrote:
> diff --git a/Documentation/git-fast-export.txt b/Documentation/git-fast-export.txt
> @@ -238,6 +243,25 @@ collapse "User 0", "User 1", etc into "User X"). This produces a much
> +[...] For example, if you have a bug which reproduces
> +with `git rev-list mybranch -- foo.c`, you can run:
> +
> +---------------------------------------------------
> +$ git fast-export --anonymize --all \
> +   --seed-anonymized=foo.c:secret.c \
> +   --seed-anonymized=mybranch \
> +   >stream
> +---------------------------------------------------
> +
> +After importing the stream, you can then run `git rev-list mybranch --
> +secret.c` in the anonymized repository.

I understand that your intention here is to demonstrate both forms of
--seed-anonymized, but I'm slightly concerned that people may
interpret this example as meaning that you are not allowed to
anonymize the refname when anonymizing a pathname. It might be less
ambiguous to avoid the "short form" in the example; people who have
read the description of --seed-anonymized will know that the short
form can be used without having to see it in an example.

> +Note that paths and refnames are split into tokens at slash boundaries.
> +The command above would anonymize `subdir/foo.c` as something like
> +`path123/secret.c`.

Confusing. This seems to be saying that anonymizing filenames in
subdirectories is pointless because you can't know how the leading
directory names will be anonymized. That leaves the reader wondering
how to deal with the situation. Does it require using
--seed-anonymized for each path component leading up to the filename?
Or can --seed-anonymized take an full pathname (leading directory
components and filename) in one shot?

> @@ -168,8 +169,18 @@ static const char *anonymize_str(struct hashmap *map,
> -    ret = hashmap_get_entry(map, &key, hash, &key);
>
> +    /* First check if it's a token the user configured manually... */
> +    if (anonymized_seeds.cmpfn)
> +        ret = hashmap_get_entry(&anonymized_seeds, &key, hash, &key);
> +    else
> +        ret = NULL;
> +
> +    /* ...otherwise check if we've already seen it in this context... */
> +    if (!ret)
> +        ret = hashmap_get_entry(map, &key, hash, &key);
> +
> +    /* ...and finally generate a new mapping if necessary */

I was a bit surprised to see that --seed-anonymized values are stored
in a separate hash map rather than simply being used to (literally)
seed the existing anonymization hash map. I guess there's a good
technical reason for doing it this way, such as the normal
anonymization hash map not yet being in existence at the time the
--seed-anonymized option is processed? (I haven't checked because I'm
too lazy, so it may not be worth spending time answering me.)

> @@ -1188,6 +1230,9 @@ int cmd_fast_export(int argc, const char **argv, const char *prefix)
>         OPT_BOOL(0, "anonymize", &anonymize, N_("anonymize output")),
> +        OPT_CALLBACK_F(0, "seed-anonymized", &anonymized_seeds, N_("from:to"),
> +               N_("convert <from> to <to> in anonymized output"),
> +               PARSE_OPT_NONEG, parse_opt_seed_anonymized),

Would it be worthwhile to add a check somewhere after the
parse_options() invocation and complain if --seed-anonymized was used
without --anonymize?  (Or should --seed-anonymized perhaps imply
--anonymize?)



[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]

  Powered by Linux