Merge branch 'master' of ssh://git-annex.branchable.com

This commit is contained in:
Joey Hess 2017-03-01 12:07:07 -04:00
commit 32da1bb2f1
No known key found for this signature in database
GPG key ID: C910D9222512E3C7
2 changed files with 35 additions and 0 deletions

View file

@ -0,0 +1,23 @@
### Please describe the problem.
see below. expected: entries on failed copies with "success"=false, and not just error messages
[[!format sh """
$> git annex copy --to=neurosmaug svgtune_0.2.0.orig.tar.gz nonexisting
git-annex: nonexisting not found
copy svgtune_0.2.0.orig.tar.gz (checking neurosmaug...) ok
git-annex: copy: 1 failed
$> git annex copy --to=neurosmaug svgtune_0.2.0.orig.tar.gz nonexisting --json
git-annex: nonexisting not found
{"command":"copy","note":"checking neurosmaug...","success":true,"key":"SHA256E-s5121--6d8f7d10206a120a42bec2cd29bc2365d09889fdf070ac8c67d1cff0b1539f63.tar.gz","file":"svgtune_0.2.0.orig.tar.gz"}
git-annex: copy: 1 failed
$> git annex version
git-annex version: 6.20170220+gitg75a15e1ad-1~ndall+1
"""]]
[[!meta author=yoh]]

View file

@ -0,0 +1,12 @@
[[!comment format=mdwn
username="dvicory"
avatar="http://cdn.libravatar.org/avatar/9e4b9df55a9c1440101dc66aa0a6b62d"
subject="Security of P2P repo is unclear"
date="2017-02-28T20:30:30Z"
content="""
In the security section, you say that
> Anyone who learns the address of a peer can connect to that peer, download the whole history of the git repository, and any available annexed files. They can also upload new files to the peer, and even remove annexed files from the peer. So consider ways that the address of a peer might be exposed.
Do you mean the addresses from `git annex peer --gen-addresses` here? Say, if someone has only my onion service address, and none of the authentication data that is normally placed in `.git/annex/creds/`, what can they do with my git repository? I think I might be confused by the use of \"address\" because of onion addresses, which are not private.
"""]]