On Mon, Sep 14, 2015 at 1:46 PM, Warren Young <w...@etr-usa.com> wrote:
> The question is, “Why does this UI web page have to *say* that it is a > SHA-1 hash?” > > If this page just said “checkin ID,” what would be lost? > As far as VCS functionality, nothing. On the other hand, many projects publish the hashes for their release packages so that people can verify the package is correct. The Fossil manifest's hash takes that to another level. Verify the manifest, then verify each file listed in the manifest. > What would be gained is that people wouldn’t be trying to work out how to > match sha1sum commands to Fossil output, fossil artifact id | sha1sum - sha1sum path/to/file > and Fossil would be free to switch to a different algorithm later if that > seemed like a good idea. Fossil still can switch hash algorithms. Existing repos probably remain with SHA1, while new repos would use the new algorithm. Not impossible to convert a repo, but all IDs would change. Any use of old IDs could utilize tags generated during the conversion. Even a mixed hash repo could exist if a version (or hash) card were introduced.
_______________________________________________ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
