Comment 6 for bug 631085

Revision history for this message
John A Meinel (jameinel) wrote : Re: [Bug 631085] Re: revid contains email address and is displayed publicly

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 9/7/2010 3:54 PM, Max Bowsher wrote:
> How would such an option differ from simply not setting an email address
> in your "bzr whoami" ?
>

He wants a valid 'whoami' because he wants his commits linked with his
Launchpad identity. He doesn't want that identity shown.

AFAIK, you must be logged in, in order to get real email addresses
anyway. So bots won't ever see them. (Note that this includes email
addresses in bug reports, etc.)

I don't know about revision-ids, if they are also bot sanitized.

Certainly it isn't required at all to have a revision id based on email
address. It is often quite useful, as it provides a more salient
user-focused string (I can give you a hex hash, how many chars can you
remember, but if I give you an email address, you'll remember it all.)

I would probably say that we should make sure the website sanitizes
email addresses in revision ids for bot scraping, etc. Beyond that, I'm
not 100% sure.

Note that you can write a simple plugin that monkey patches
'bzrlib.generate_ids.gen_revision_id' and generates something that does
whatever you want. (Hashing the supplied username, and using that would
be viable.)

For example, put this as ~/.bazaar/plugins/no_email_revid.py:

import hashlib

from bzrlib import generate_ids

_old_func = generate_ids.gen_revision_id

def gen_revision_id(username, timestamp=None):
    username = hashlib.md5(username).hexdigest()
    return _old_func(username, timestamp=timestamp)

generate_ids.gen_revision_id = gen_revision_id

The very nice thing about this, is that you can do it *today* and
everything should still work. The bad thing is that you would want to
remember to do it anywhere that you commit from, when you want to hide
your email from the revision-id.

John
=:->
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (Cygwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkyGqb8ACgkQJdeBCYSNAAO7hQCghRhdTvWmXWaKptE/P0KZv/tY
qRIAn1nUbvUK75Yeg9lKYvwPjvVy8pwb
=ykiK
-----END PGP SIGNATURE-----