Re: rewriting history; Was: Concerns/questions around Software Heritage Archive

[Tomas Volf]

On 2024-03-18 12:08:48 +0000, Daniel Littlewood wrote:
> Hi everyone,
>
> I think the discussion so far splits into "should something be done"
> and "what can be done". The "should something be done" is easier to
> address, I think, so I'll deal with it first. I particularly have
> Attila's reply in mind.
>
> > let's put aside the trans aspect of this question for a moment,
> > is it reasonable for me to demand from somebody else to change their memory 
> > of my past actions?
> > if so, then where is the line? what's the principle here? and what are its 
> > implications?
> > i sure see some actors out there who can hardly wait to start erasing 
> > certain records at the barrel of the law
>
> I do not doubt that there are bad actors who might misuse the ability
> to rewrite history generally. However, this only allows us to dismiss
> the technical challenge if there is *no* legitimate use case for
> rewriting history, ever, in any circumstance. So rather than removing
> the trans aspect of the question to consider every possible use case
> (good or bad) of rewriting history, it seems like we only need to come
> up with a single case that's sufficient to justify altering someone's
> identity, for it to be worth considering if the technical restriction
> could be avoided. But then the answer is obvious: Someone might just
> sign their commits wrong for whatever reason. Is it valuable for a
> user or for guix generally to preserve metadata in the case where a
> commit is signed incorrectly? Obviously not. So whether you are
> sympathetic to the deadnaming issue or not (personally I am) it seems
> like we can dismiss the question "should we do something about it".

I do not think the situation is as black and white as you put it here.  I
believe the question of "should something be done" needs to be further split
into two sub-branches.  "should something be doable effective from some point in
time" and "should something be doable retro-actively".

For the former, I think most people here would agree that yes, and there already
is a mechanism for that (.mailmap).

For the latter, I do not think you can just "dismiss" it.  While I agree with
you there is a little value in the act of Guix preserving wrong metadata by
itself, any history-modifying operation would have quiet large impact on the
ecosystem, so that needs to be taken into account as well.  And it that light I
would say yes, preserving wrong metadata (when viewed from this angle) does have
a value.

And I say this as a contributor perfectly matching your example of "signed their
commits wrong", which is why you will find me in the .mailmap.

Have a nice day,
Tomas Volf

--
There are only two hard things in Computer Science:
cache invalidation, naming things and off-by-one errors.

signature.asc
Description: PGP signature