subversion-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Philip Martin <>
Subject Re: Source code watermarking
Date Fri, 07 Oct 2011 13:02:52 GMT
Miha Vitorovic <> writes:

> On 7.10.2011 11:56, Semen Prikhodko wrote:
>> Hi guys.
>> I need to add additional functionality to Subversion. My task is to
>> make SVN able to insert special "watermarks" into working copy
>> source files which identify a developer working on them. This means
>> every source file will contain some identifying comment (e.g. //
>> {developer id} ). My customer says this step will protect the source
>> code from stealing (the responsible person will be identified and
>> punished). Yes, it's stupid, but that is my current task. So SVN
>> must smartly insert the watermark when updating (checking out) the
>> code and remove it at time of commit (the repo must not contain
>> watermarks).
> If you have the users authenticated against the SVN server, then you
> are exactly describing the svn:keywords. There is some small adittion
> to the code, but not the actual user data. It is well documented in
> the Subversion book, but if you have any additional questions, I think
> they are best directed at the users mailing list.

I believe the question is about doing the keyword substitution on the
server rather than the client.  It think it would be a lot of work,
because the server would have to adjust deltas and checksums both to and
from the client.

The server has non-watermarked fulltext T1 with checksum C1, the client
has watermarked T1' and checksum C1'.  On update to non-watermarked T2
with checksum C2 the server usually calculates the diff D12 and sends
D12 and C2 to the client, but now it will have to generate temporary T1'
and T2' to calculate D12' and C2'.

When committing T2' with checksum C2' the client will send D12' and C2'
and the server would need to generate temporary T1', apply D12' to
generate T2' with checksum C2', and from that generate T2 and C2 which
get stored.

That's a lot of work for something that doesn't offer any real security.

uberSVN: Apache Subversion Made Easy

View raw message