From: Junio C Hamano <gitster@pobox•com>
To: "brian m. carlson" <sandals@crustytoothpaste•net>
Cc: <git@vger•kernel.org>, Patrick Steinhardt <ps@pks•im>
Subject: Re: [PATCH 10/10] Enable SHA-256 by default in breaking changes mode
Date: Fri, 20 Jun 2025 08:03:23 -0700 [thread overview]
Message-ID: <xmqqfrfu5ubo.fsf@gitster.g> (raw)
In-Reply-To: <20250620011943.586596-11-sandals@crustytoothpaste.net> (brian m. carlson's message of "Fri, 20 Jun 2025 01:19:42 +0000")
"brian m. carlson" <sandals@crustytoothpaste•net> writes:
> Our document on breaking changes indicates that we intend to default to
> SHA-256 in Git 3.0. Since most people choose the default option, this
> is an important security upgrade to our defaults.
>
> To allow people to test this case, when WITH_BREAKING_CHANGES is set in
> the configuration, build Git with SHA-256 as the default hash. Update
> the testsuite to reflect this configuration so that the tests pass.
Another thing that I suspect nobody wrote tests for, but we must be
absolutely certain, is that the post-3.0 Git can still interoperate
well with historical SHA-1 repositories (I am not talking about
"fetch from SHA-1 into SHA-256", but "the binary does not lose
ability to work in SHA-1 repositories or fetch/push between SHA-1
repositories, only because the default is set to SHA-256"), even in
old repositories people have been using for ages without the
core.repositoryformatversion defined.
Thanks.
next prev parent reply other threads:[~2025-06-20 15:03 UTC|newest]
Thread overview: 47+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-06-20 1:19 [PATCH 00/10] Add SHA-256 by default as a breaking change brian m. carlson
2025-06-20 1:19 ` [PATCH 01/10] hash: add a constant for the default hash algorithm brian m. carlson
2025-06-20 1:19 ` [PATCH 02/10] hash: add a constant for the original " brian m. carlson
2025-06-20 1:56 ` Junio C Hamano
2025-06-20 20:43 ` brian m. carlson
2025-07-01 11:35 ` Patrick Steinhardt
2025-06-20 1:19 ` [PATCH 03/10] builtin: use default hash when outside a repository brian m. carlson
2025-06-20 14:19 ` Junio C Hamano
2025-07-01 11:35 ` Patrick Steinhardt
2025-07-01 21:14 ` brian m. carlson
2025-07-02 15:08 ` Patrick Steinhardt
2025-06-20 1:19 ` [PATCH 04/10] Use original hash for legacy formats brian m. carlson
2025-06-20 14:26 ` Junio C Hamano
2025-06-20 20:51 ` brian m. carlson
2025-06-20 21:14 ` Junio C Hamano
2025-07-01 11:35 ` Patrick Steinhardt
2025-06-20 1:19 ` [PATCH 05/10] setup: use the default algorithm to initialize repo format brian m. carlson
2025-06-20 14:55 ` Junio C Hamano
2025-06-20 20:28 ` brian m. carlson
2025-06-20 21:05 ` Junio C Hamano
2025-06-20 1:19 ` [PATCH 06/10] t: default to compile-time default hash if not set brian m. carlson
2025-06-20 1:19 ` [PATCH 07/10] t1007: choose the built-in hash outside of a repo brian m. carlson
2025-06-20 1:19 ` [PATCH 08/10] t4042: " brian m. carlson
2025-06-20 1:19 ` [PATCH 09/10] t5300: " brian m. carlson
2025-06-20 1:19 ` [PATCH 10/10] Enable SHA-256 by default in breaking changes mode brian m. carlson
2025-06-20 14:58 ` Junio C Hamano
2025-06-20 19:18 ` brian m. carlson
2025-06-20 15:03 ` Junio C Hamano [this message]
2025-06-20 19:15 ` brian m. carlson
2025-06-20 20:42 ` Junio C Hamano
2025-06-20 21:06 ` brian m. carlson
2025-07-01 11:35 ` Patrick Steinhardt
2025-07-01 21:22 ` [PATCH v2 00/11] Add SHA-256 by default as a breaking change brian m. carlson
2025-07-01 21:22 ` [PATCH v2 01/11] hash: add a constant for the default hash algorithm brian m. carlson
2025-07-01 21:22 ` [PATCH v2 02/11] hash: add a constant for the legacy " brian m. carlson
2025-07-01 21:22 ` [PATCH v2 03/11] builtin: use default hash when outside a repository brian m. carlson
2025-07-01 21:22 ` [PATCH v2 04/11] Use legacy hash for legacy formats brian m. carlson
2025-07-01 21:22 ` [PATCH v2 05/11] setup: use the default algorithm to initialize repo format brian m. carlson
2025-07-01 21:22 ` [PATCH v2 06/11] t: default to compile-time default hash if not set brian m. carlson
2025-07-01 21:22 ` [PATCH v2 07/11] t1007: choose the built-in hash outside of a repo brian m. carlson
2025-07-01 21:22 ` [PATCH v2 08/11] t4042: " brian m. carlson
2025-07-01 21:22 ` [PATCH v2 09/11] t5300: " brian m. carlson
2025-07-01 21:22 ` [PATCH v2 10/11] help: add a build option for default hash brian m. carlson
2025-07-01 21:22 ` [PATCH v2 11/11] Enable SHA-256 by default in breaking changes mode brian m. carlson
2025-07-01 22:10 ` [PATCH v2 00/11] Add SHA-256 by default as a breaking change Junio C Hamano
2025-07-02 14:46 ` Patrick Steinhardt
2025-07-02 15:01 ` Kristoffer Haugsbakk
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=xmqqfrfu5ubo.fsf@gitster.g \
--to=gitster@pobox$(echo .)com \
--cc=git@vger$(echo .)kernel.org \
--cc=ps@pks$(echo .)im \
--cc=sandals@crustytoothpaste$(echo .)net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox