Re: CVS

[Dean Gaudet <dg...@hotwired.com>]

In message <19...@cadair.elsevier.co.uk>, Paul Richards writes:
>FreeBSD still has something like 1.4 I think (maybe even 1.3) since
>it's too critical to us to keep on the leading edge.

arctic.org has been using 1.5 since it came out with no problems.  I'd
never trust something as important as my source repository to something
that cores...

My concern about cvs remote security is that rsh itself is a bad thing to
let through a firewall (too bad there isn't already support for an rexec
version, a password is at least marginally better than rsh).  We have an
'insecure' net here that we could put the repository on, and HotWired
has a machine that could do it.  Housing the repository isn't too hard,
as long as nobody actually builds on that machine.  Response time to
this machine would be pretty much the same as to hyperreal.

It seems that none of us have experience with both sup and cvs remote
to be able to compare the two.  Although one of the advantages Paul
mentioned was that with sup you have a local copy of the whole repository.
Which is useful when you're trying to figure out when a particular piece
of code changed.

What transport layer does sup use?

There's also something DEC wrote called 'siphon' which I'm supposed
to review soon.  But I don't think it'd work for apache since it uses
locking on too coarse a grain.  (Just say NO to source management systems
using locks!)

Dean