Previous Entry Share Next Entry
04:21 pm, 27 Jan 08


Fossil version control system. It's made by by the SQLite guys, apparently? And was released maybe a few months ago.

It looks like it was heavily influenced by monotone: SHA-1 file identifiers, commit-before-merge means branches can have multiple heads, etc., but with a bunch of complexity ripped out, so there's a bit of a git feel. The main differences, as far as I can tell, are:
  • Versions are hashes of "manifest" files, which contain a list of all files and hashes in the tree along with parent hashes. No nested directory hashes, and apparently no smarts for renames. (I'm guessing here they intend to work like git.)
  • No crypto? Though it mentions commits can be signed with GPG.
  • Network protocol is all HTTP-based, and designed to work over CGI.
  • Custom file delta algorithm and format.
Some other cute bits that aren't really core to the project: Integrated HTTP-based tree browser, wiki, and BTS; and a config switch that switches you into "centralized mode" where every commit and update just does the decentralized thing along a sync with the server.

Some bits that are unclear: (a) how they handle conflicts on the wiki/BTS parts (like, which head becomes the one displayed on the page?); (b) what the bits in their blurbs about allowing "anonymous checkin" really means; (c) whether their login protocol is vulnerable to reply attacks; (d) how their netsync protocol identifies what bits a client is lacking; (e) how they identify branches -- it appears to be just the head commit hash, but then in the update docs they mention "the branch you are on"; and, of course, (f) why the world needs another system like this.

PS: I don't really mean (f) -- I think experimentation is the best way to advance the state of the art -- but I am curious how this is significantly different than the systems it compares itself to. It looks decent enough on paper...