Vitaly Zaitsev via devel wrote on Sun, Jun 09, 2024 at 09:15:56AM +0200: > On 08/06/2024 00:43, Aoife Moloney wrote: > > OpenSSL will no longer trust cryptographic signatures using SHA-1 by > > default, starting from Fedora 41. > > What about Git? AFAIK, AFAIK, Git heavily uses both SHA-1 and SHA-2 to > validate objects and commits. git does not use OpenSSL to compute the hash, so nothing should change as far as I understand this (..and from a quick look at recent release notes it'll be a while longer until we can see a transition, the support for sha256 commit ids has been implemented a while ago but "Work to support a repository that work with both SHA-1 and SHA-256 hash algorithms has stated" in git 2.45 (29 Apr 2024); right now a repo that wants to use sha256 needs to select that at git init time and pull/push won't work with something using sha1... and all forges like github refuse push if you try sha256. So some conversion path for existing repos and platforms support must come first, and there is none of that yet afaics, with work on the former that apparently just started) -- Dominique Martinet | Asmadeus -- _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
