1 |
>>>>> On Sat, 20 Sep 2014, hasufell wrote: |
2 |
|
3 |
>> Have these plans been abandoned, and are we now planning to |
4 |
>> distribute the tree to users via Git, where everything goes through |
5 |
>> the bottleneck of a SHA-1 sum, which was never intended as a |
6 |
>> security feature? |
7 |
|
8 |
> This is a bug in git. Do you want us to wait until it is resolved? |
9 |
|
10 |
Not a bug. There are VCSs (like Subversion or Bazaar) that use simple |
11 |
revision numbers to identify their commits. Git happens to use a hash, |
12 |
which is perfectly fine as long as accidental collisions are unlikely. |
13 |
Neither has to do anything with security, though. |
14 |
|
15 |
Ulrich |