-
-
Notifications
You must be signed in to change notification settings - Fork 733
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Doc: impact of deleting path/to/repo/nonce #6188
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
some first feedback, more later.
count this as big docs update, especially considering you also put work into writing code.
borgbackup#6188 (comment) > Well, guess one could also use max(list of trusted nonce values). > > The real issue is if you have lost all or some of the trusted > (client side) nonce values and you also have reason to not trust the > server side nonce, because someone might attack you on the server.
Codecov Report
@@ Coverage Diff @@
## master #6188 +/- ##
==========================================
- Coverage 83.23% 83.21% -0.02%
==========================================
Files 38 38
Lines 10387 10387
Branches 2039 2039
==========================================
- Hits 8646 8644 -2
- Misses 1233 1234 +1
- Partials 508 509 +1
Continue to review full report at Codecov.
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
good docs and thanks for the new tests!
restarting CI. I hope it's green this time |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
minor suggestions to improve the docs part
other than that: LGTM!
Hmm, could you do a |
I am about to add documentation for this feature. Per the "If you liked it, you should have put a CI test on it" rule I am adding tests to detect if the feature regresses (causing a discrepancy between the docs and the real behavior).
borgbackup#6188 (comment) > Well, guess one could also use max(list of trusted nonce values). > > The real issue is if you have lost all or some of the trusted > (client side) nonce values and you also have reason to not trust the > server side nonce, because someone might attack you on the server.
> do we maybe also want to mention the specific path where the local > nonce is kept?
f032e04
to
6bc1f48
Compare
Done |
Thanks! |
borgbackup#6188 (comment) > Well, guess one could also use max(list of trusted nonce values). > > The real issue is if you have lost all or some of the trusted > (client side) nonce values and you also have reason to not trust the > server side nonce, because someone might attack you on the server.
Backport is merged. Please remove the backport/1.1-maint label |
Fixes: #5858
In addition to explaining the consequences of deleting path/to/repo/nonce I have added tests to make sure that what the docs say is actually true.