It would be useful to have a filter function that can be used to implement "visibility" restrictions inside the repository. My initial thought would be to just do this path-based, i.e.
f :: parts -> attrs -> attrs where
parts is the location list that readTree collects during traversal.
This would make it possible to, for example, make user folders inaccessible in the rest of the depot tree.