Following the plan established in GLEP 59, we're long overdue
deprecating SHA256. Since we have finally got rid of the last packages
lacking SHA512 checksums, we can proceed with that. In order to prepare
for it, however, we need to change the required hash to SHA512 and make
sure developers install the new Portage & repoman versions first.
Of course, a better course of action would be to kill
MANIFEST2_REQUIRED_HASH entirely and make Portage capable of dealing
with any hash set. However, that's a larger piece of work and it would
delay the immediate goal.
---
pym/portage/const.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pym/portage/const.py b/pym/portage/const.py
index 052d4ca2f..cbd2b6042 100644
--- a/pym/portage/const.py
+++ b/pym/portage/const.py
@@ -234,7 +234,7 @@ MANIFEST2_HASH_FUNCTIONS = ("SHA256", "SHA512", "WHIRLPOOL",
"BLAKE2B", "BLAKE2S", "SHA3_256", "SHA3_512",
"STREEBOG256", "STREEBOG512")
MANIFEST2_HASH_DEFAULTS = frozenset(["SHA256", "SHA512", "WHIRLPOOL"])
-MANIFEST2_REQUIRED_HASH = "SHA256"
+MANIFEST2_REQUIRED_HASH = "SHA512"
MANIFEST2_IDENTIFIERS = ("AUX", "MISC", "DIST", "EBUILD")
--
2.13.1
