[IPython-dev] Storing signatures outside the notebook

[Thomas Kluyver]

Min and I were just talking to Aron Ahmadia and Chris Kees. We covered
several topics, but one of the more straightforward things we discussed was
the problem that storing signatures in the notebook gives for version
control - because any two changes will make the signature conflict, even if
the changes are at opposite ends of the notebook.

We possibly shouldn't try to rework this before 3.0, but I started thinking
about alternatives, and wanted to put a couple out for discussion:

1. Store signatures next to notebooks - maybe a .ipynb.sig file, like you
sometimes see checksum files next to downloads. This has the advantage that
to move the notebook along with its trust, you can just move those two
files together, but the disadvantage that it clutters up your working
directory.
2. An extra subdirectory, like we already use for checkpoints, but for
signatures. Less clutter, but more awkward to move a notebook and its
associated signature together.
3. A per-user database storing hashes of all trusted notebooks. Checking if
a notebook is trusted then becomes: hash it, and check whether that hash is
in the database. The notebook's location on the filesystem is irrelevant.
This may be troublesome for people who sync their IPython directory across
multiple computers, or have home directories on an NFS mount, though.

Thomas
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/ipython-dev/attachments/20141215/bb6178b1/attachment.html>