[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

new hash algorithim for git and maybe a goal for Bullseye ?

Dear all,

Please CC me if anybody feels like answering.

I was shared this [1] and while it's important, it is equally
important to point out that the work isn't complete atm.  From what
little I know, almost all Debian's work is now using git (there may be
some subversion, some mercurial repos) but most of the work has now
been using gitlab/salsa [2] .  While some of the comments suggest that
SHA-1 is fine for now one doesn't really know. From what little I can
make out, it seems a pretty disruptive change and  may have gotchas
also for the reproducible builds project. [3]

Wanna know what people think about it and if there have been plans to
discuss the same. I did take a brief look at debian-project [4] to see
if somebody had approached them for the same as something like this
might be a huge change but saw no messages about it. I am sure people
have a view on the above, this being the security list if for nothing

1. https://lwn.net/SubscriberLink/811068/cfeb6a67b8dfbe47/
2. salsa.debian.org
3. https://wiki.debian.org/ReproducibleBuilds
4. https://lists.debian.org/debian-security

          Shirish Agarwal  शिरीष अग्रवाल
  My quotes in this email licensed under CC 3.0

E493 D466 6D67 59F5 1FD0 930F 870E 9A5B 5869 609C

Reply to: