Page MenuHomeSoftware Heritage
Create Task
Maniphest T2942

Update deposit: `swhid` MUST exist in archive for a metadata-only deposit
Closed, MigratedEdits Locked
Actions

Description

**edited
The decision is clear to accept only SWHIDs that are already in the archive.

In the metadata-only deposit a swhid is required.
The existence of the swhid in the archive, on the other hand, is only recommended (with SHOULD in the specs).

With the option to potentially give metadata on an object that isn't in the archive, we open the door to new possibilities but also to human errors.

Should we restrict the deposit to existing swhids, or should we trust the deposit clients that they used the exact swhid they intended to use?

Revisions and Commits

rDDEP Push deposit
D5231rDDEPc4972584f176 Check a SWHID exists in the archive before accepting a metadata-only deposit
rSPSITE puppet-swh-site
D5245rSPSITE81a7a36c7ded swh-deposit: Configure access to the graph storage

Related Objects
Search...

Event Timeline

moranegg triaged this task as High priority.Jan 7 2021, 3:06 PM
moranegg created this task.
moranegg updated the task description. (Show Details)
moranegg updated the task description. (Show Details)
moranegg added a parent task: T2540: support the loading of metadata-only deposits in the metadata storage.
zack added a comment.Jan 7 2021, 3:10 PM

My answer is a very emphatic YES.

There are many reasons for this, including avoiding metadata pollution, encouraging people to also deposit content to the archive, and hash collision risks (if we have not archived something, there is no guarantee we will ever use the hash contained in that SWHID for the software artifact that the metadata submitter thinks is referenced by it).

moranegg added a comment.Jan 7 2021, 5:34 PM

Thank you @zack for the quick response. I agree with you and do prefer archiving metadata for only existing SWHIDs.

rdicosmo added a comment.Jan 7 2021, 5:58 PM
In T2942#56223, @zack wrote:

My answer is a very emphatic YES.

There are many reasons for this, including avoiding metadata pollution, encouraging people to also deposit content to the archive, and hash collision risks (if we have not archived something, there is no guarantee we will ever use the hash contained in that SWHID for the software artifact that the metadata submitter thinks is referenced by it).

Absolutely!

moranegg renamed this task from Decide if `swhid` MUST exist in archive for a metadata-only deposit to Update deposit: `swhid` MUST exist in archive for a metadata-only deposit.Jan 8 2021, 5:13 PM
moranegg updated the task description. (Show Details)
moranegg added subscribers: ardumont, vlorentz.

I'm renaming the task to an actionable item.

moranegg removed moranegg as the assignee of this task.Jan 15 2021, 11:28 AM
moranegg assigned this task to vlorentz.Jan 26 2021, 11:54 AM
vlorentz added a revision: D5231: Check a SWHID exists in the archive before accepting a metadata-only deposit.Mar 11 2021, 5:29 PM
vlorentz added a commit: rDDEPc4972584f176: Check a SWHID exists in the archive before accepting a metadata-only deposit.Mar 15 2021, 10:26 AM
vlorentz added a revision: D5245: swh-deposit: Configure access to the graph storage.Mar 15 2021, 11:32 AM
vlorentz added a commit: rSPSITE81a7a36c7ded: swh-deposit: Configure access to the graph storage.Mar 15 2021, 11:57 AM
vlorentz closed this task as Resolved.Mar 15 2021, 11:59 AM
moranegg moved this task from Backlog to Deployed on the SWORD deposit board.Mar 25 2021, 12:38 PM
gitlab-migration changed the task status from Resolved to Migrated.Jan 8 2023, 4:32 PM
gitlab-migration claimed this task.
gitlab-migration added a subscriber: gitlab-migration.

This task has been migrated to GitLab.

About · Developer information · Legal