Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Backward compatibility 0.2.1 - 0.2.6 #536

Closed
rjcoelho opened this issue Sep 11, 2019 · 4 comments
Closed

Backward compatibility 0.2.1 - 0.2.6 #536

rjcoelho opened this issue Sep 11, 2019 · 4 comments

Comments

@rjcoelho
Copy link

Hi,

This is what i get when trying reveal files using 0.2.1 that were hidden using 0.2.6
config/overlays/local/keys.config:d2f1286fad60a1c84dbe0388637f7733c9454d52bcbea8afd46ad2401a5849d2.secret: No such file or directory

Basically mappings how has sha1, which 0.2.1 doesn't understand. This should be an opt-in on 0.2.6 and later.
@joshrabinowitz
Copy link
Collaborator

joshrabinowitz commented Sep 12, 2019
edited
Loading

Hello, @rjcoelho , and thank for filing this issue.

I believe the change you mention, regarding hashes in the mapping.cfg file, happened some time ago, in Sept of 2017, before the 0.2.3 release.

I did a little research on semver and persistent file backward compatibility and this is what I came up with:

In semver/semver#275 it is said:

"semver doesn't talk about (sic) forward compatibility at all: 
it does not promise that downgrading from (for example) 
1.2.3 to 1.2.1 will be possible."

However, we should document that if you use the -m option to git-secret hide that your mappings file will not be backward compatible with versions of git-secret before 0.2.3.

If hashes are getting stored in .gitsecret/paths/mapping.cfg when the user has never used git secret hide -m, then that's a new bug and please let us know. (Edit: removed, this was incorrect)

I'll plan to close this issue when the docs are updated to mention that mapping.cfg may not be backward compatible if you use git secret hide -m. Thanks again and let us know if you have any additional input!

@rjcoelho
Copy link
Author

@joshrabinowitz thanks for the clarification.

I don't use -m option. What I do is git secret hide with 0.2.6 and try to git secret reveal with 0.2.1

@joshrabinowitz
Copy link
Collaborator

joshrabinowitz commented Sep 16, 2019
edited
Loading

@rjcoelho , I read the code too quickly. You are correct, after encryption, a hash is always written to the mapping.cfg file in recent versions of git-secret.

As mentioned above, by my reading of 'semver', it's not /technically/ a bug that persistent files from new versions of git-secret are not backward compatible with older versions of git-secret (though it is certainly inconvenient).

Can you upgrade git-secret from 0.2.1 in your appropriate environment?

We could add some sort of flag to stop writing checksums to the mappings.cfg file, but I'm hesitant to add a flag just relating to the checksum in mapping.cfg.

@joshrabinowitz joshrabinowitz mentioned this issue Sep 16, 2019
Merged
@joshrabinowitz
Copy link
Collaborator

joshrabinowitz commented Sep 16, 2019
edited
Loading

I've add a PR altering CHANGELOG.md to note the backward incompatibility. (See #537)

Since this is the first time this has come up (and since the change was made some two years ago) I'm not planning on adding any more docs or code changes related to this topic for now. If you're ok with this resolution, feel free to close this issue, @rjcoelho (assuming github will let you); alternately let us know below! Thanks again.

joshrabinowitz added a commit that referenced this issue Sep 17, 2019
@joshrabinowitz
attribute change in changelog to #536 (#538)
a27b8b9
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@rjcoelho @joshrabinowitz