On Fri, Mar 28, 2025 at 6:05 PM Justin Tobler <jltobler@xxxxxxxxx> wrote: > > Greetings, > > Additional information regarding how Git was build can be found via the Maybe: s/build/built/ > `--build-options` flag for git-verison(1). This currectly does not s/git-verison/git-version/ s/currectly/currently/ > include information about the SHA-1 and SHA-256 implementations Git is > built with. > > This short series adds build option info for the SHA-1, SHA-256, and > unsafe-SHA-1 (if any) implementations which may be useful for diagnostic > purposes. > > Regarding "unsafe-SHA-1", I wonder if we should use a different name in > the printed build options that sounds a little less scary. I was > thinking maybe "fast-SHA-1" and document its meaning appropriately. I'm > interested to know if anyone has thoughts on this. Maybe we could use just "SHA-1" if a single algorithm is used for everything, and both "SHA-1 for crypto" and "SHA-1 for non-crypto" otherwise. Related to this I wonder if we should warn in some ways if a non collision detection algorithm is used for crypto. For example we could print "SHA-1: OpenSSL (No collision detection!!!)" instead of just "SHA-1: OpenSSL". And yeah that should be documented. Thanks!
