On Mon, May 1, 2017 at 10:54 PM, Julian Foad <julianf...@apache.org> wrote: > Just asking... > > As I understand it, we paused the issuing of 1.10 alpha releases because we > considered that the final 1.10 release will need to address the SHA1 > collision issue otherwise it won't be considered a viable release. > > It seemed reasonable to pause for a bit while the SHA1 issue was worked on, > and Stefan2 has done some work on that. But currently it seems that there is > nobody doing any further work on it. > > We could continue waiting, or maybe now we should resume the alpha testing > of the new features (conflict resolution), and let the SHA1 work be fixed as > and when someone is motivated to do so (before or after 1.10). It seems to > me that sometimes in open source we need to get on with doing what we can > do, and just trust that someone else will do the rest. > > Thoughts?
+1. I think this "pause-for-sha1-fixes" has now taken more than long enough. We should try gathering our focus again on releasing 1.10, and get the improvements it brings in the hands of users. -- Johan
