Re: Database Change Control Process

From: Nigel Thomas <nigel.cl.thomas_at_googlemail.com>
Date: Wed, 26 Feb 2014 14:30:32 +0000
Message-ID: <CAGRZYUe1FeWQdLL9KL2MF3WmwH4Uv-xr0E7Hahwkpryyc+9hrw_at_mail.gmail.com>



Git (with suitable configuration) supports the *ident* attribute, which results in $Id...$ being replaced not with a version or revision number like CVS or SVN, but with a SHA1 hash of the file (which you can then match back to specific file versions). The hash is a little less developer friendly than a revision or version number but it does aid verification. The issue for database objects is that some **** developer may have edited your code in place; so whether you use a CVS version, SVN revision or Git hash, you can only truly verify the code is valid by comparing it with the authorised version.

I guess it might at least be feasible to build a package that reads from USER_SOURCE (I am thinking mainly about stored routines) and calculates the SHA-1 hash; it can compare it with the presented hash to ensure the routine hasn't been interfered with. That's something you couldn't do so easily with version numbers, especially if the version control repository isn't accessible from the database server.

See
http://stackoverflow.com/questions/1792838/how-do-i-enable-ident-string-for-git-repos

Regards Nigel

On 26 February 2014 14:11, William Robertson <william_at_williamrobertson.net>wrote:

>
> I recently learned that Git does not have this feature, and that the whole
> idea is regarded as somewhat passť by 3GL developers who can only conceive
> of compiling executables from a directory structure. I can't find it now
> but one discussion on Stackexchange linked to some comments from Thorvalds
> about how trivial it was to find the version of something without it
> <remainder snipped...>
>

--
http://www.freelists.org/webpage/oracle-l
Received on Wed Feb 26 2014 - 15:30:32 CET

Original text of this message