[Savannah-hackers-public] GNU Arch auto-sealing

[Sylvain Beucler]

Hi Michael,

Yesterday a user asked to remove a branch from an Arch repository. I
told him to use SFTP instead of asking us, and it worked.

So, the SFTP patch is currently chown'ing the tarballs as root, but to
keep the repository flexible, the directories (containers) are
not. Which means a project member can remove a patch-* dir (and maybe
replace it by a falsified one).

Am I right? If yes, is the patch actually useful? ;)


I wonder if we chose the right path here: Arch is just not meant for
CVS-style shared repository. So let's either present Arch as it is (no
way to prevent history alteration from project members), or implement
a client-server protocol for Arch. Does that sound sound?


Incidentally, I tried to have the Arch people make a few tiny changes
a months ago to ease the Debian package, and there was no commit since
then. Nor any wish to make needed non-trivial improvements to the
build system. Then they have a student working on revc - not tla.

I believe that no further development can be expected on tla, so I
suggest that we, too, stop trying to improve tla (web viewer, mail
notifications, checkout directory automatic update, non-verbose client
GPG checks, cron GPG checks, and every other ideas we planned at a
point), especially when other active SCMs already have it.


I am probably a bit bitter, because I expected the GNU SCM to become
something really good - feel free to comment on this.

-- 
Sylvain