On Sat, Feb 25, 2017 at 11:35:27PM +0100, Lars Schneider wrote: > > So we don't actually know how Git would behave in the face of a SHA-1 > > collision. It would be pretty easy to simulate it with something like: > [...] > > That's a good idea! I wonder if it would make sense to setup an > additional job in TravisCI that patches every Git version with some hash > collisions and then runs special tests. This way we could ensure Git > behaves reasonable in case of a collision. E.g. by printing errors and > not crashing or corrupting the repo. Do you think that would be worth > the effort? I think it would be interesting to see the results under various scenarios. I don't know that it would be all that interesting from an ongoing CI perspective. But we wouldn't know until somebody actually writes the tests and we see what they do. -Peff