On Mon, Apr 24, 2023 at 11:37 AM Daniel Sahlberg <daniel.l.sahlb...@gmail.com> wrote: > > Den sön 23 apr. 2023 kl 04:21 skrev Nathan Hartman <hartman.nat...@gmail.com>: >> >> On Sat, Apr 22, 2023 at 2:02 PM Johan Corveleyn <jcor...@gmail.com> wrote: >>> >>> On Sat, Apr 22, 2023 at 6:25 PM <dsahlb...@apache.org> wrote: >>> > >>> > Author: dsahlberg >>> > Date: Sat Apr 22 16:25:30 2023 >>> > New Revision: 1909352 >>> > >>> > URL: http://svn.apache.org/viewvc?rev=1909352&view=rev >>> > Log: >>> > * CHANGES: Document r1909351 >>> ... >>> > + - Other tool improvements and bugfixes: >>> > + * Storing passwords in plain text on disk is again enabled by >>> > default (r1909351) >>> >>> I would suggest rephrasing this a bit, to make it clear that we simply >>> re-enabled the *possibility* of storing passwords in plain text (on >>> Unix, if the runtime configuration allows it and no better password >>> stores are available). Obviously that's a bit long, but I can't come >>> up with a good concrete suggestion right now, sorry :-). But as it >>> reads there it could be interpreted as "wow? what?". >>> >>> -- >>> Johan >> >> >> >> Maybe something along the lines of: >> >> "When building on Unix, include support for the simple (plaintext) >> credential store unless disabled at configure time with >> --disable-plaintext-password-storage (r1909351)." > > > Thanks for reviewing! I originally copied the text from 1.12.0 and sort of > s/disable/enable/ and I agree it didn't turn out very good. > > Nathan's suggestion has a much better wording, but it sounds a little bit as > it is a new feature. Maybe that is what we want, but I'll throw in another > option detailing that we are actually reverting the change from 1.12.0: > > "When building on Unix, change default configure option to enable support for > the simple (plaintext) credential store unless disabled at configure time > with --disable-plaintext-password-storage. This reverts r1845377 (r1909351)."
+1. Agreed that this is much clearer. > It would feel better if we are very clear that we revert a previous change, > in case someone has looked at 1.12 and thought "finally, the plaintext cache > is disabled" and now realize they have to change their build settings. Yes, that makes sense. Sometime in the next few days, I'll draft some text for the 1.15.x release notes about this change (unless you or someone else wants to do it or has already started; in that case, just let me know)... Also the FAQ entry might need an update; I'll look at that at the same time. Cheers, Nathan
