On Thu, Feb 23, 2017 at 11:43 PM, Joey Hess <id@xxxxxxxxxx> wrote: > IIRC someone has been working on parameterizing git's SHA1 assumptions > so a repository could eventually use a more secure hash. How far has > that gotten? There are still many "40" constants in git.git HEAD. Michael asked Brian (that "someone") the other day and he replied [1] >> I'm curious; what fraction of the overall convert-to-object_id campaign >> do you estimate is done so far? Are you getting close to the promised >> land yet? > > So I think that the current scope left is best estimated by the > following command: > > git grep -P 'unsigned char\s+(\*|.*20)' | grep -v '^Documentation' > > So there are approximately 1200 call sites left, which is quite a bit of > work. I estimate between the work I've done and other people's > refactoring work (such as the refs backend refactor), we're about 40% > done. [1] http://public-inbox.org/git/%3C20170217214513.giua5ksuiqqs2laj@xxxxxxxxxxxxxxxxxxxxxxxxxx%3E/ -- Duy