mirrors/git-annex
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions

Behavior change: --trust-glacier option no longer overrides trust

Browse source 
Since that can lead to data loss, which should never be enabled by an
option other than --force.

This commit was sponsored by Jake Vosloo on Patreon.
This commit is contained in:
Joey Hess 2021-01-07 10:37:43 -04:00
parent 2bf34fc17f
commit c8b1fa67b4
No known key found for this signature in database
GPG key ID: DB12DB0FF05F8F38
5 changed files with 12 additions and 22 deletions
Download patch file Download diff file Expand all files Collapse all files

6
CHANGELOG
View file

@ -10,9 +10,9 @@ git-annex (8.20201130) UNRELEASED; urgency=medium
behavior, mincopies also needs to be set to 0. behavior, mincopies also needs to be set to 0.
* Behavior change: git-annex trust now needs --force, since unconsidered * Behavior change: git-annex trust now needs --force, since unconsidered
use of trusted repositories can lead to data loss. use of trusted repositories can lead to data loss.
* Behavior change: --trust option no longer overrides trust, since * Behavior change: --trust and --trust-glacier options no longer overrides
that can lead to data loss, which should never be enabled by an option trust, since that can lead to data loss, which should never be enabled
other than --force. by an option other than --force.
* add: Significantly speed up adding lots of non-large files to git, * add: Significantly speed up adding lots of non-large files to git,
by disabling the annex smudge filter when running git add. by disabling the annex smudge filter when running git add.
* add --force-small: Run git add rather than updating the index itself, * add --force-small: Run git add rather than updating the index itself,

4
CmdLine/GitAnnex/Options.hs
View file

@ -81,9 +81,9 @@ gitAnnexGlobalOptions = commonGlobalOptions ++
<> help "override default User-Agent" <> help "override default User-Agent"
<> hidden <> hidden
) )
, globalFlag (Annex.setFlag "trustglacier") , globalFlag (toplevelWarning False "--trust-glacier no longer has any effect")
( long "trust-glacier" ( long "trust-glacier"
<> help "Trust Amazon Glacier inventory" <> help "deprecated, does not trust Amazon Glacier inventory"
<> hidden <> hidden
) )
, globalFlag (setdesktopnotify mkNotifyFinish) , globalFlag (setdesktopnotify mkNotifyFinish)

8
Remote/Glacier.hs
View file

@ -1,6 +1,6 @@
{- Amazon Glacier remotes. {- Amazon Glacier remotes.
- -
- Copyright 2012-2020 Joey Hess <id@joeyh.name> - Copyright 2012-2021 Joey Hess <id@joeyh.name>
- -
- Licensed under the GNU AGPL version 3 or higher. - Licensed under the GNU AGPL version 3 or higher.
-} -}
@ -23,7 +23,6 @@ import Remote.Helper.ExportImport
import qualified Remote.Helper.AWS as AWS import qualified Remote.Helper.AWS as AWS
import Creds import Creds
import Utility.Metered import Utility.Metered
import qualified Annex
import Annex.UUID import Annex.UUID
import Utility.Env import Utility.Env
import Types.ProposedAccepted import Types.ProposedAccepted
@ -233,8 +232,7 @@ checkKey r k = do
s <- liftIO $ readProcessEnv "glacier" (toCommand params) (Just e) s <- liftIO $ readProcessEnv "glacier" (toCommand params) (Just e)
let probablypresent = serializeKey k `elem` lines s let probablypresent = serializeKey k `elem` lines s
if probablypresent if probablypresent
then ifM (Annex.getFlag "trustglacier") then giveup untrusted
( return True, giveup untrusted )
else return False else return False
params = glacierParams (config r) params = glacierParams (config r)
@ -248,8 +246,6 @@ checkKey r k = do
untrusted = unlines untrusted = unlines
[ "Glacier's inventory says it has a copy." [ "Glacier's inventory says it has a copy."
, "However, the inventory could be out of date, if it was recently removed." , "However, the inventory could be out of date, if it was recently removed."
, "(Use --trust-glacier if you're sure it's still in Glacier.)"
, ""
] ]
glacierAction :: Remote -> [CommandParam] -> Annex Bool glacierAction :: Remote -> [CommandParam] -> Annex Bool

11
doc/git-annex.mdwn
View file

@ -813,14 +813,9 @@ may not be explicitly listed on their individual man pages.
* `--trust-glacier` * `--trust-glacier`
Amazon Glacier inventories take hours to retrieve, and may not represent This used to override trust settings for Glacier special remotes,
the current state of a repository. So git-annex does not trust that but now will not do so, because it could lead to data loss,
files that the inventory claims are in Glacier are really there. and data loss is now only enabled when using the `--force` option.
This switch can be used to allow it to trust the inventory.
Be careful using this, especially if you or someone else might have recently
removed a file from Glacier. If you try to drop the only other copy of the
file, and this switch is enabled, you could lose data!
* `--backend=name` * `--backend=name`

5
doc/tips/using_Amazon_Glacier.mdwn
View file

@ -59,13 +59,12 @@ So, git-annex plays it safe, and avoids trusting the inventory:
drop important_file (gpg) (checking glacier...) drop important_file (gpg) (checking glacier...)
Glacier's inventory says it has a copy. Glacier's inventory says it has a copy.
However, the inventory could be out of date, if it was recently removed. However, the inventory could be out of date, if it was recently removed.
(Use --trust-glacier if you're sure it's still in Glacier.)
(unsafe) (unsafe)
Could only verify the existence of 0 out of 1 necessary copies Could only verify the existence of 0 out of 1 necessary copies
Like it says, you can use `--trust-glacier` if you're sure To avoid this problem, you can either use `git annex move` to move
Glacier's inventory is correct and up-to-date. content to Glacier, or you can set the remote to be [[trusted]].
A final potential gotcha with Glacier is that glacier-cli keeps a local A final potential gotcha with Glacier is that glacier-cli keeps a local
mapping of file names to Glacier archives. If this cache is lost, or mapping of file names to Glacier archives. If this cache is lost, or