"brian m. carlson" <sandals@xxxxxxxxxxxxxxxxxxxx> writes: > Our document on breaking changes indicates that we intend to default to > SHA-256 in Git 3.0. Since most people choose the default option, this > is an important security upgrade to our defaults. > > To allow people to test this case, when WITH_BREAKING_CHANGES is set in > the configuration, build Git with SHA-256 as the default hash. Update > the testsuite to reflect this configuration so that the tests pass. Another thing that I suspect nobody wrote tests for, but we must be absolutely certain, is that the post-3.0 Git can still interoperate well with historical SHA-1 repositories (I am not talking about "fetch from SHA-1 into SHA-256", but "the binary does not lose ability to work in SHA-1 repositories or fetch/push between SHA-1 repositories, only because the default is set to SHA-256"), even in old repositories people have been using for ages without the core.repositoryformatversion defined. Thanks.
