blob: f538c7560144da2237c86b78c090dd058b631de5 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
|
Seems that a fairly common desire in some use cases is to be able to make a
clone of a repository and be able to get files, without updating the
location tracking information. (And without even recording a uuid in the
remote.log.) Use cases include wanting to have temporary
clones without cluttering history, and centralized development where the
developers don't care to know about one-another's systems.
It seems that such an untracked repository would need to automatically
consider itself untrusted. Is that enough to avoid losing data?
> [[done]]; set remote.<name>.annex-readonly=true to prevent
> git-annex from pushing changes to the remote, or modifying the contents
> of the remote in any way.
>
> Note that I am intentionally not making this feature be about security.
> The remote can still tell if you're connecting to it, and indeed if it
> really wants to, and git-annex-shell is being used on the remote, it can
> determine your local repository's uuid.
>
> This allows for some complicated setups. For example, a public repository
> P can be a readonly remote of a clone on your laptop L, and L in turn has
> another, non-readonly remote D on a removable drive. This allows L and D
> to keep track of which files one-another have, without leaking this info
> to P. But note that if L adds P as a remote, it also has to mark it
> readonly, to avoid leaking data.
>
> --[[Joey]]
|
