From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([69.77.167.62] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1LVwVn-0000Jj-GO for garchives@archives.gentoo.org; Sat, 07 Feb 2009 23:22:59 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 36A09E04D5; Sat, 7 Feb 2009 23:22:58 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) by pigeon.gentoo.org (Postfix) with ESMTP id 164FBE04D5 for ; Sat, 7 Feb 2009 23:22:58 +0000 (UTC) Received: from [192.168.22.10] (ip68-4-152-120.oc.oc.cox.net [68.4.152.120]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTP id 98DC4649C2 for ; Sat, 7 Feb 2009 23:22:57 +0000 (UTC) Message-ID: <498E17E6.8060407@gentoo.org> Date: Sat, 07 Feb 2009 15:23:18 -0800 From: Zac Medico User-Agent: Thunderbird 2.0.0.19 (X11/20081209) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org MIME-Version: 1.0 To: gentoo-dev@lists.gentoo.org Subject: Re: [gentoo-dev] [RFC] DIGESTS metadata variable for cache validation References: <498758E6.5080609@gentoo.org> <1234045916.24784.1373.camel@localhost> In-Reply-To: <1234045916.24784.1373.camel@localhost> X-Enigmail-Version: 0.95.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Archives-Salt: 5d17284b-a752-499c-abe4-1d7fba61ab43 X-Archives-Hash: 452c76b4fc8a2fed3023d2ffd5e49c9b -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Tiziano M=C3=BCller wrote: > Am Montag, den 02.02.2009, 12:34 -0800 schrieb Zac Medico: >> For the digest format, I suggest that we use the leftmost 10 >> hexadecimal digits of the SHA-1 digest. The rationale for limiting >> it to 10 digits (out of 40) is to save space. Due to the avalanche >> effect [2], 10 digits should be sufficient to ensure that problems >> resulting from hash collisions are extremely unlikely. > I'd recommend to prefix the digest with a "{TYPE}" (like for hashed > passwords) to be able to change the digest algorithm as needed > (especially in regards to the current SHA successor competition). > This allows a future package manager which might use SHA-3 for hashing > (once it's released) to still check old digests. Furthermore it would > allow for easier transition and only needs a definition of allowed > hashes instead of a specific one. I like that idea. That way it's not necessary to bump the EAPI in order to change the hash function. So, a typical DIGESTS value might look like this: SHA1 02021be38b a28b191904 3992945426 6ec21b29a3 >> The primary reason to use a digest for cache validation instead of a >> timestamp is that it allows the cache validation mechanism to work >> even if the tree is distributed with a protocol that does not >> preserve timestamps, such as git or subversion. This would make it > Well, usually you don't keep intermediate or generated files in a VCS, > so why the metadata? People who distribute overlays commonly ask if it's possible to distribute metadata cache with the overlay. Using a format that doesn't rely on timestamps will allow them to distribute metadata cache using their existing infrastructure, which is typically git or subversion. In addition to overlays, it would also be useful for forks of the entire gentoo tree, such as the funtoo tree [1]. [1] http://github.com/funtoo/portage/tree/master - -- Thanks, Zac -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (GNU/Linux) iEYEARECAAYFAkmOF+UACgkQ/ejvha5XGaPSyQCg7kVF3S1z4G+7pXOrLBB1Pu77 Y5cAnj60bGSww8SLfcqhHmk1voKwm20+ =3DPmlJ -----END PGP SIGNATURE-----