On Tue, Mar 10, 2026 at 5:19 PM Johan Corveleyn <[email protected]> wrote:
>
> Not looking for any action per se, but I thought I'd highlight again that, apart from "pristines-on-demand" and other nice features and improvements, we'll also be bringing back plaintext password caching support on unix-like systems in 1.15.0 (previously disabled at compile time).
>
> As explained in [1]: "In Subversion 1.12 through 1.14, write access to the Plaintext cache was disabled by default at compile-time. [...] Unfortunately, this has caused a variety of problems for users, especially when using the svn client in unattended processes such as CI systems, or on remote machines through ssh [...] Based on the feedback received, Subversion 1.15 inverts the default. [...] Sites that wish to eliminate this possibility can do [... compile-time disable flag; set up encrypted stores such as GNOME Keyring or KWallet ]"
>
> I'm highlighting it because it might be a little contentious / surprising, and perhaps it has been forgotten a bit because the discussions took place years ago [2]. To reiterate, I don't think anything special is needed, but if anyone now gets an eerie feeling that we probably should do something more about it (e.g. introduce a simple obfuscator for those plaintext pwd's or whatever), "speak now or forever hold your peace" ;-)
>
> [1] https://subversion-staging.apache.org/docs/release-notes/1.15.html#plaintext-passwords-supported
>
> [2] https://lists.apache.org/thread/b6g2hx2m3s117wcmno08opl874ons3q8
> https://lists.apache.org/thread/p2vn6foj8qz3lfvdl70bs62vg5krcgr7
> https://lists.apache.org/thread/4skymgjtwozjl8gd9m14jnkqq1wf77bo
>
> --
> Johan
I wouldn't consider myself an expert in this topic, but I think there should be a way to at least force a plaintext store. I could imagine adding for example `svn something --allow-plaintext-passwords`. I used to run into this problem myself and ended up running a script <./tools/client-side/store-plaintext-password.py> that basically does the job.

I think any kind of non-cryptographically secure password obfuscation gives a false sense of security. In this case it might be better to explicitly show "hey your passwords are here and anyone can steal them".

--
Timofei Zhakov
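As an added example of the "show people where the passwords are" approach argued for above (this is editorial code, not Subversion's own code and not the store-plaintext-password.py script mentioned in the reply), here is a small audit that walks a client's auth cache and reports which cached credentials are plaintext. It relies on the real on-disk layout of the svn.simple cache (one file per realm, named by the MD5 hex digest of the realm string, in Subversion's K/V hash serialization with passtype "simple" marking a cleartext password); the realm strings, user names, password and file modes in the sample are constructed for the example, and the world-readable check goes slightly beyond the thread, since on a shared host the file mode decides who else can read the cache.

```python
"""Audit a Subversion auth cache for plaintext-cached passwords (added
example; not Subversion's code). It relies on svn's layout: one file per
realm under auth/svn.simple/, named by the MD5 hex of the realm string,
in svn's hash serialization ("K <len>\\n<key>\\nV <len>\\n<value>\\n" ...
"END"). passtype "simple" means the password itself is stored under
"password"; other passtypes only name the encrypted store holding it."""
import hashlib
import stat
import sys
import tempfile
from pathlib import Path

def parse_svn_hash(data: bytes) -> dict:
    """Parse the K/V serialization. Lengths are byte counts, so a value
    may contain newlines; a missing END surfaces as ValueError."""
    entries, pos = {}, 0
    while True:
        eol = data.index(b"\n", pos)
        line, pos = data[pos:eol], eol + 1
        if line == b"END":
            return entries
        if not line.startswith(b"K "):
            raise ValueError(f"expected 'K <len>', got {line!r}")
        klen = int(line[2:])
        key, pos = data[pos:pos + klen], pos + klen + 1   # skip key + newline
        eol = data.index(b"\n", pos)
        vline, pos = data[pos:eol], eol + 1
        if not vline.startswith(b"V "):
            raise ValueError(f"expected 'V <len>' after key {key!r}, got {vline!r}")
        vlen = int(vline[2:])
        entries[key.decode()] = data[pos:pos + vlen].decode()
        pos += vlen + 1

def dump_svn_hash(entries: dict) -> bytes:
    """Inverse of parse_svn_hash."""
    out = bytearray()
    for key, value in entries.items():
        k, v = key.encode(), value.encode()
        out += b"K %d\n%s\nV %d\n%s\n" % (len(k), k, len(v), v)
    return bytes(out + b"END\n")

def audit_auth_dir(auth_dir) -> list:
    """One finding per cached credential. 'plaintext' is the signal that
    matters here; 'world_readable' is the extra check for shared hosts."""
    findings = []
    simple_dir = Path(auth_dir) / "svn.simple"
    if not simple_dir.is_dir():
        return findings
    for path in sorted(p for p in simple_dir.iterdir() if p.is_file()):
        entries = parse_svn_hash(path.read_bytes())
        mode = stat.S_IMODE(path.stat().st_mode)
        findings.append({
            "file": str(path),
            "realm": entries.get("svn:realmstring", "?"),
            "username": entries.get("username", "?"),
            "passtype": entries.get("passtype", "?"),
            "plaintext": entries.get("passtype") == "simple" and "password" in entries,
            "world_readable": bool(mode & (stat.S_IRGRP | stat.S_IROTH)),
        })
    return findings

def build_sample_cache(root) -> Path:
    """Write two constructed entries (made-up realms, users, password) the
    way svn lays them out: one plaintext, one referencing GNOME Keyring."""
    simple_dir = Path(root) / "auth" / "svn.simple"
    simple_dir.mkdir(parents=True)
    samples = [
        ({"svn:realmstring": "<https://svn.example.com:443> Example realm",
          "username": "alice", "passtype": "simple", "password": "s3cret!"}, 0o644),
        ({"svn:realmstring": "<https://svn.example.org:443> Other realm",
          "username": "bob", "passtype": "gnome-keyring"}, 0o600),
    ]
    for entries, mode in samples:
        path = simple_dir / hashlib.md5(entries["svn:realmstring"].encode()).hexdigest()
        path.write_bytes(dump_svn_hash(entries))
        path.chmod(mode)
    return simple_dir.parent

def demo() -> list:
    """Audit the constructed cache in a throwaway directory."""
    with tempfile.TemporaryDirectory() as tmp:
        return audit_auth_dir(build_sample_cache(tmp))

def main(argv):
    # Pass a real auth dir (e.g. ~/.subversion/auth) to audit it; with no
    # argument the constructed sample is audited instead.
    findings = audit_auth_dir(argv[1]) if len(argv) > 1 else demo()
    for f in findings:
        tag = "PLAINTEXT" if f["plaintext"] else "ok"
        perm = ", world-readable" if f["world_readable"] else ""
        print(f"{tag:9} {f['username']}@{f['realm']} ({f['passtype']}{perm})")
    return 1 if any(f["plaintext"] for f in findings) else 0

if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Run it as `python audit.py ~/.subversion/auth` on a CI runner or shared ssh host; a non-zero exit makes it usable as a guard in a job that should never leave cleartext credentials behind. Entries that reference GNOME Keyring, KWallet or gpg-agent show up as "ok" because the cache file then holds no password, only the name of the store.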

