Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

What is the format of the deltas in a subversion respository, and how badly can I blow it up if I change them in a pre-commit hook?

Help me do some damage! I'm tired of just a half-dozen Google hits that tell me never to do this. Let's muck things up real good! I'm pretty sure that I can get ahold of the actual files in db/transactions, so how can I screw these up in interesting ways? I've looked at SVN::Delta, but I can't even figure out what it's supposed to be doing (letting someone make pretty graphs of changes to a repository? sending coded messages to the CIA?).

I really don't care to hear more reasons why not to do this. I work in an environment with 40 or 50 other people who use subversion. And while we're coding, we need some passwords in web.config files, in DataSource.groovy files, you name it. And just refusing the commit because we left them in is as annoying as hell. We have to save the files with the passwords manually deleted (and we have to open up those files, it's not like they're necessarily open), then once we're done committing we have to put them back just to continue to work? This is a good idea I suppose if you just want to bitchslap people every time they commit until they develop a Pavlovian reflex to never commit anything. And why? Because computers aren't supposed to automate tasks? Because the software client won't know that the pre-commit hook didn't actually save the version still on the developer's machine?

I'm fairly language agnostic here. Show me an example of how to do what you're never supposed to do... which file do I edit from pre-commit? How do I interpret the gobbledygook after the DELTA # # # line? Are there any libraries that will help with that? Let's have some fun!

PS Seriously, no one's created a "bad-ideas" tag? WTF.

like image 996
John O Avatar asked Oct 09 '22 21:10

John O


1 Answers

It is your build process that is flawed, not Subversion. If you must not commit passwords, do something like the following:

1 - Web.config files should not be committed. Instead, commit files like Web.config.dev or Web.config.qa.
2 - Have your build script rename the appropriate .config file to Web.config, and then do token replacement so that the proper passwords are inserted. This info can come from another file that is also not commited that says what environment you are in (so it knows which .config file to use), and what the passwords are.

like image 57
D'Arcy Rittich Avatar answered Oct 13 '22 12:10

D'Arcy Rittich