On 11/29/17, Joerg Sonnenberger <jo...@bec.de> wrote: >> >> For example, if checkin [1234abcd] has a comment that refers to ticket >> [bcdef522] which in turn refers to artifact ID [6543cfe], is the >> migration tool expected to chase and re-point all those links when all >> the hashes change? > > That can be handled by adding optional aliases. Old links will remain > valid even though the integrity of the repository depends on the > stronger hash.
Yes, that could be done, in theory. But then we'd have to invent a new artifact type to communicate the aliases, or else the links would work on the original repository only, and fail on clones. That's a lot of extra complication. Isn't it better just to keep the legacy SHA1 hashes and use SHA3 moving forwards? FWIW, Fossil now uses Marc Stevens and Dan Shumow's "hardened SHA1" for legacy hashes. Hardened SHA1 is not vulnerable to the SHAttered attach. See https://github.com/cr-marcstevens/sha1collisiondetection for additional information. -- D. Richard Hipp d...@sqlite.org _______________________________________________ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users