Differences From Artifact [036c770a25]:
- File
www/shunning.wiki
— part of check-in
[855578b610]
at
2020-10-05 18:15:28
on branch fossil-as-blockchain
— Recast the blockchain.md doc as "Is Fossil a Blockchain?" (answer:
mostly no) and updated all references to it to either remove the term,
use "repository" instead where that's sufficiently clear, or to say
either "Merkle tree" or "hash tree" instead where we need to distinguish
the hash tree itself from the rest of the repo DB file's contents. This
depends on the prior CAP theorem doc, since part of the argument for
Fossil not being a blockchain gets us down into those weeds.
EDIT: Moving it to a branch because we're still arguing the point on the forum. (user: wyoung size: 6905) [more...]
To Artifact [42bec5417f]:
- File www/shunning.wiki — part of check-in [1001d86743] at 2020-11-05 11:25:36 on branch trunk — Clarify that a legitimate reason for removing data is receiving a legitimate legal request, as per https://fossil-scm.org/forum/forumpost/bbfb0e910e. Add the exception for non-versioned data (ie "fossil scrub"). This may need to be explained better. (user: danshearer size: 7911) [more...]
| ︙ | |||
17 18 19 20 21 22 23 24 25 26 27 28 29 30 | 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 | + + + + + + + |
* A file that contains trade secrets or that is under someone else's
copyright was accidentally committed and needs to be backed out.
* A malformed control artifact was inserted and is disrupting the
operation of Fossil.
* A legitimate legal request was received requiring content to
be removed. This would most likely be related to the accidental
intellectual property error or spam cases listed above. Some countries
recognise software patents, and so allow legal claims targetting code
commits. Some countries can require publicly-available encryption
software to be taken down if it is committed to the DAG without
the correct government authorisation.
<h2>Alternatives</h2>
All of these are rare cases: Fossil is [./antibot.wiki | designed to
foil spammers up front], legally problematic check-ins should range from
rare to nonexistent, and you have to go way out of your way to force
Fossil to insert bad control artifacts. Therefore, before we get to
|
| ︙ | |||
79 80 81 82 83 84 85 86 87 88 89 90 91 92 | 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 | + + + + + + + + + + |
bad check-in <tt>abcd1234</tt>. You then fix up any merge conflicts,
build, test, etc., then check the reverting change into the
repository. Again, nothing is actually deleted; you're just adding
more information to the repository which corrects a prior
check-in.</p></li>
</ul>
<h2>Exception: Non-versioned Content</h2>
It is normal and expected to delete data which is not versioned, such as
usernames and passwords in the user table. The [/help/scrub|fossil scrub]
command will remove all sensitive non-versioned data from a respository.
The scrub command will remove user 'bertina', along with their password,
any supplied IP address, any concealed email address etc. However, in the
DAG, commits by 'bertina' will continue to be visible unchanged even though
there is no longer any such user in Fossil.
<h2>Shunning</h2>
Fossil provides a mechanism called "shunning" for removing content from
a repository.
Every Fossil repository maintains a list of the hash names of
|
| ︙ |