Mercurial > hg
view tests/test-trusted.py.out @ 32697:19b9fc40cc51
revlog: skeleton support for version 2 revlogs
There are a number of improvements we want to make to revlogs
that will require a new version - version 2. It is unclear what the
full set of improvements will be or when we'll be done with them.
What I do know is that the process will likely take longer than a
single release, will require input from various stakeholders to
evaluate changes, and will have many contentious debates and
bikeshedding.
It is unrealistic to develop revlog version 2 up front: there
are just too many uncertainties that we won't know until things
are implemented and experiments are run. Some changes will also
be invasive and prone to bit rot, so sitting on dozens of patches
is not practical.
This commit introduces skeleton support for version 2 revlogs in
a way that is flexible and not bound by backwards compatibility
concerns.
An experimental repo requirement for denoting revlog v2 has been
added. The requirement string has a sub-version component to it.
This will allow us to declare multiple requirements in the course
of developing revlog v2. Whenever we change the in-development
revlog v2 format, we can tweak the string, creating a new
requirement and locking out old clients. This will allow us to
make as many backwards incompatible changes and experiments to
revlog v2 as we want. In other words, we can land code and make
meaningful progress towards revlog v2 while still maintaining
extreme format flexibility up until the point we freeze the
format and remove the experimental labels.
To enable the new repo requirement, you must supply an experimental
and undocumented config option. But not just any boolean flag
will do: you need to explicitly use a value that no sane person
should ever type. This is an additional guard against enabling
revlog v2 on an installation it shouldn't be enabled on. The
specific scenario I'm trying to prevent is say a user with a
4.4 client with a frozen format enabling the option but then
downgrading to 4.3 and accidentally creating repos with an
outdated and unsupported repo format. Requiring a "challenge"
string should prevent this.
Because the format is not yet finalized and I don't want to take
any chances, revlog v2's version is currently 0xDEAD. I figure
squatting on a value we're likely never to use as an actual revlog
version to mean "internal testing only" is acceptable. And
"dead" is easily recognized as something meaningful.
There is a bunch of cleanup that is needed before work on revlog
v2 begins in earnest. I plan on doing that work once this patch
is accepted and we're comfortable with the idea of starting down
this path.
| author | Gregory Szorc <gregory.szorc@gmail.com> |
|---|---|
| date | Fri, 19 May 2017 20:29:11 -0700 |
| parents | 75e4bae56068 |
| children | 73ccba60aaa1 |
line wrap: on
line source
# same user, same group trusted global = /some/path local = /another/path untrusted . . global = /some/path . . local = /another/path # same user, different group trusted global = /some/path local = /another/path untrusted . . global = /some/path . . local = /another/path # different user, same group not trusting file .hg/hgrc from untrusted user abc, group bar trusted global = /some/path untrusted . . global = /some/path . . local = /another/path # different user, same group, but we trust the group trusted global = /some/path local = /another/path untrusted . . global = /some/path . . local = /another/path # different user, different group not trusting file .hg/hgrc from untrusted user abc, group def trusted global = /some/path untrusted . . global = /some/path . . local = /another/path # different user, different group, but we trust the user trusted global = /some/path local = /another/path untrusted . . global = /some/path . . local = /another/path # different user, different group, but we trust the group trusted global = /some/path local = /another/path untrusted . . global = /some/path . . local = /another/path # different user, different group, but we trust the user and the group trusted global = /some/path local = /another/path untrusted . . global = /some/path . . local = /another/path # we trust all users # different user, different group trusted global = /some/path local = /another/path untrusted . . global = /some/path . . local = /another/path # we trust all groups # different user, different group trusted global = /some/path local = /another/path untrusted . . global = /some/path . . local = /another/path # we trust all users and groups # different user, different group trusted global = /some/path local = /another/path untrusted . . global = /some/path . . local = /another/path # we don't get confused by users and groups with the same name # different user, different group not trusting file .hg/hgrc from untrusted user abc, group def trusted global = /some/path untrusted . . global = /some/path . . local = /another/path # list of user names # different user, different group, but we trust the user trusted global = /some/path local = /another/path untrusted . . global = /some/path . . local = /another/path # list of group names # different user, different group, but we trust the group trusted global = /some/path local = /another/path untrusted . . global = /some/path . . local = /another/path # Can't figure out the name of the user running this process # different user, different group not trusting file .hg/hgrc from untrusted user abc, group def trusted global = /some/path untrusted . . global = /some/path . . local = /another/path # prints debug warnings # different user, different group not trusting file .hg/hgrc from untrusted user abc, group def trusted ignoring untrusted configuration option paths.local = /another/path global = /some/path untrusted . . global = /some/path . ignoring untrusted configuration option paths.local = /another/path . local = /another/path # report_untrusted enabled without debug hides warnings # different user, different group trusted global = /some/path untrusted . . global = /some/path . . local = /another/path # report_untrusted enabled with debug shows warnings # different user, different group not trusting file .hg/hgrc from untrusted user abc, group def trusted ignoring untrusted configuration option paths.local = /another/path global = /some/path untrusted . . global = /some/path . ignoring untrusted configuration option paths.local = /another/path . local = /another/path # ui.readconfig sections quux # read trusted, untrusted, new ui, trusted not trusting file foobar from untrusted user abc, group def trusted: ignoring untrusted configuration option foobar.baz = quux None untrusted: quux # error handling # file doesn't exist # same user, same group # different user, different group # parse error # different user, different group not trusting file .hg/hgrc from untrusted user abc, group def ('foo', '.hg/hgrc:1') # same user, same group ('foo', '.hg/hgrc:1') # access typed information # different user, different group not trusting file .hg/hgrc from untrusted user abc, group def # suboptions, trusted and untrusted (None, []) ('main', [('one', 'one'), ('two', 'two')]) # path, trusted and untrusted None .hg/monty/python # bool, trusted and untrusted False True # int, trusted and untrusted 0 42 # bytes, trusted and untrusted 0 84934656 # list, trusted and untrusted [] ['spam', 'ham', 'eggs']