Git integration question

General questions about using ExamDiff Pro, ideas for new features, bug reports, and usage tips.
User avatar
psguru
Site Admin
Posts: 2228
Joined: Sat May 15, 2004 4:23 pm
Location: California
Contact:

Re: Git integration question

Post by psguru »

FILE_NOTIFY_CHANGE_FILE_NAME
FILE_NOTIFY_CHANGE_DIR_NAME
FILE_NOTIFY_CHANGE_ATTRIBUTES
FILE_NOTIFY_CHANGE_SIZE
FILE_NOTIFY_CHANGE_LAST_WRITE
FILE_NOTIFY_CHANGE_CREATION
FILE_NOTIFY_CHANGE_SECURITY
This list is correct for directory comparison.
I suspect that in this case, FILE_NOTIFY_CHANGE_ATTRIBUTES causes the false positive.
First of of, you can't know without testing your hypothesis. Second, why is watching for FILE_NOTIFY_CHANGE_ATTRIBUTES is incorrect? Directory comparison does show file attributes, and it can compare by them as well. Windows Defender can perform other operations, such as quarantine a file temporarily by deleting it and copying back.

My suggestion: disable file change notification for directory comparison, or use the Notify options to show balloons instead of the message box.
psguru
PrestoSoft
User avatar
Alexo
Expert Member
Posts: 154
Joined: Fri Oct 22, 2004 10:18 am
Location: Canada

Re: Git integration question

Post by Alexo »

psguru wrote: Tue Feb 15, 2022 4:06 pm
I suspect that in this case, FILE_NOTIFY_CHANGE_ATTRIBUTES causes the false positive.
First of of, you can't know without testing your hypothesis.
Which is why I said "I suspect". It could be a different flag.
psguru wrote: Tue Feb 15, 2022 4:06 pm Second, why is watching for FILE_NOTIFY_CHANGE_ATTRIBUTES is incorrect?
I did not say it was incorrect. I said that I suspected that it was responsible for the false positive in this particular case.
psguru wrote: Tue Feb 15, 2022 4:06 pm Directory comparison does show file attributes, and it can compare by them as well.
No argument here.
psguru wrote: Tue Feb 15, 2022 4:06 pm Windows Defender can perform other operations, such as quarantine a file temporarily by deleting it and copying back.
Yes it can, but the Process Monitor log shows that it didn't.
psguru wrote: Tue Feb 15, 2022 4:06 pm My suggestion: disable file change notification for directory comparison, or use the Notify options to show balloons instead of the message box.
Yes, I don't see any other option. Windows is being wonky and you probably cannot do anything about that behaviour. Technically, a file did change, just not in a way that we can see, and I don't know of any way to check that it was the case. Oh well, maybe something for the FAQ?

Will /se:Session work in this situation?
JeremyNicoll
Expert Member
Posts: 108
Joined: Sun May 02, 2010 12:00 pm
Location: Edinburgh

Re: Git integration question

Post by JeremyNicoll »

While not ideal, it seems to me that introducing a delay between git calling EDP and the comparison starting might help, especially if there was any way to tell when Defender has stopped examining the newly-copied files. So, have git call (say) a batch file that waits for something (maybe just a few seconds to pass, maybe for an explicit command to go ahead, maybe for some sign that Defender is finished - perhaps one can tell by monitoring file handles via eg the SysInternals "handle" utility?) then calls EDP. If necessary one could invert the logic on EDP's return-codes as well.

Or, it might be possible to have Defender not examine the location it copies those files to?
User avatar
Alexo
Expert Member
Posts: 154
Joined: Fri Oct 22, 2004 10:18 am
Location: Canada

Re: Git integration question

Post by Alexo »

JeremyNicoll wrote: Wed Feb 16, 2022 7:38 am While not ideal, it seems to me that introducing a delay between git calling EDP and the comparison starting might help, especially if there was any way to tell when Defender has stopped examining the newly-copied files. So, have git call (say) a batch file that waits for something (maybe just a few seconds to pass, maybe for an explicit command to go ahead, maybe for some sign that Defender is finished - perhaps one can tell by monitoring file handles via eg the SysInternals "handle" utility?) then calls EDP.
Not really feasible, as it can take minutes on large folders.
JeremyNicoll wrote: Wed Feb 16, 2022 7:38 am If necessary one could invert the logic on EDP's return-codes as well.
This may be useful for diffs that do not bring up the directory comparison window but compare files sequentially, but that's a different process.
JeremyNicoll wrote: Wed Feb 16, 2022 7:38 am Or, it might be possible to have Defender not examine the location it copies those files to?
Yes on personal machines.
Unfortunately not possible on work machines that are managed by corporate IT.

Found a link:
https://social.technet.microsoft.com/Fo ... attributes
User avatar
psguru
Site Admin
Posts: 2228
Joined: Sat May 15, 2004 4:23 pm
Location: California
Contact:

Re: Git integration question

Post by psguru »

Yes, I don't see any other option. Windows is being wonky and you probably cannot do anything about that behaviour. Technically, a file did change, just not in a way that we can see, and I don't know of any way to check that it was the case. Oh well, maybe something for the FAQ?

Will /se:Session work in this situation?
Yes, it will.
psguru
PrestoSoft
JeremyNicoll
Expert Member
Posts: 108
Joined: Sun May 02, 2010 12:00 pm
Location: Edinburgh

Re: Git integration question

Post by JeremyNicoll »

Alexo wrote: Wed Feb 16, 2022 8:44 am
JeremyNicoll wrote: Wed Feb 16, 2022 7:38 am Or, it might be possible to have Defender not examine the location it copies those files to?
Yes on personal machines.
Unfortunately not possible on work machines that are managed by corporate IT.
My corporate IT experience is all as a mainframe systems programmer; where - if there was a corporate need to support this sort of thing, we could have done it, by forcing the temporary directories/files to be created in a specific known location (assuming a system process was doing that not a user one), then ensuring security products treated that location specially. That would have allowed the diff processing, but I'm not sure that we could have allowed a user to initiate changes to the temporary files; those would have needed to be made to the original files.

It's maybe more complicated or impossible in your environment.
User avatar
Alexo
Expert Member
Posts: 154
Joined: Fri Oct 22, 2004 10:18 am
Location: Canada

Re: Git integration question

Post by Alexo »

psguru wrote: Wed Feb 16, 2022 8:47 am
Will /se:Session work in this situation?
Yes, it will.
I tried it. Currently git invokes EDP with these flags: -se:git -nh
However, after I dig into individual files, the history for the file comparison is still saved for the "git" session.
User avatar
psguru
Site Admin
Posts: 2228
Joined: Sat May 15, 2004 4:23 pm
Location: California
Contact:

Re: Git integration question

Post by psguru »

This has nothing to do with using the "-se" option. You are right, the "-nh" option only affects the first comparison (directory in your case). Are suggesting that it has to affect all comparisons launched form the first?
psguru
PrestoSoft
User avatar
Alexo
Expert Member
Posts: 154
Joined: Fri Oct 22, 2004 10:18 am
Location: Canada

Re: Git integration question

Post by Alexo »

I would assume so. If I launch EDP with "no history", I expect it to save no history, just like it says on the tin.

That said, I believe that it also saved the folder history, despite being told not to.
I'll check tomorrow.
User avatar
psguru
Site Admin
Posts: 2228
Joined: Sat May 15, 2004 4:23 pm
Location: California
Contact:

Re: Git integration question

Post by psguru »

I would assume so. If I launch EDP with "no history", I expect it to save no history, just like it says on the tin.
We'll see if we can add this to the next build.
That said, I believe that it also saved the folder history, despite being told not to.
Not in my tests.
psguru
PrestoSoft
User avatar
Alexo
Expert Member
Posts: 154
Joined: Fri Oct 22, 2004 10:18 am
Location: Canada

Re: Git integration question

Post by Alexo »

I just rechecked. You are right, it doesn't update the registry with the folders, just the files (after drilling down).
User avatar
Alexo
Expert Member
Posts: 154
Joined: Fri Oct 22, 2004 10:18 am
Location: Canada

Re: Git integration question

Post by Alexo »

Oh, I remember what was the issue.

I intend the "git" session to only be used with git diff, git difftool, etc.

However, after running those commands, EDP remembers the session used and uses it the next time I run EDP.

There should be a way to tell EDP that I am using this session TEMPORARILY, so it will not replace the default session with it.
User avatar
psguru
Site Admin
Posts: 2228
Joined: Sat May 15, 2004 4:23 pm
Location: California
Contact:

Re: Git integration question

Post by psguru »

The last used session is indeed the default for the next launch. If you run the next GUI, just change it there. If you run the next command line, specify a different session with the /se option.
psguru
PrestoSoft
User avatar
Alexo
Expert Member
Posts: 154
Joined: Fri Oct 22, 2004 10:18 am
Location: Canada

Re: Git integration question

Post by Alexo »

I would appreciate a command-line option not to change the default session for the next launch.
Changing the session almost every time I do a GUI comparison is inconvenient.

I would even go as far as to argue that a session specified on the command line (as opposed to picked in the GUI) is used to temporary override the default and as such should not persist it.
User avatar
psguru
Site Admin
Posts: 2228
Joined: Sat May 15, 2004 4:23 pm
Location: California
Contact:

Re: Git integration question

Post by psguru »

I'm not sure we want to introduce yet one more rule. As workaround for your issue, there another option you could use:
--no_registry_writing
With it, EDP will not write anything to the Registry during its run.
psguru
PrestoSoft
Post Reply