On Mon, Jul 24, 2017 at 03:44:23PM -0700, Junio C Hamano wrote: > A release candidate Git v2.14.0-rc1 is now available for testing > at the usual places. It is comprised of 708 non-merge commits > since v2.13.0, contributed by 61 people, 14 of which are new faces. > > The tarballs are found at: > > https://www.kernel.org/pub/software/scm/git/testing/ I noticed these tarballs are signed with SHA-1. Since we're working on adding additional hash support for SHA-256, I was wondering if you might consider using SHA-256 instead. This works all the way back to the GnuPG shipped with CentOS 4, so there should be no compatibility issues. If you're using a reasonably up-to-date version of GnuPG 1.4 or 2, you should be able to simply drop the following line in ~/.gnupg/gpg.conf and have things work: personal-digest-preferences SHA256 SHA384 SHA512 You can also change the order to suit your liking; SHA-384 and SHA-512 support still goes back to at least 2007 (CentOS 5). -- brian m. carlson / brian with sandals: Houston, Texas, US https://www.crustytoothpaste.net/~bmc | My opinion only OpenPGP: https://keybase.io/bk2204
Attachment:
signature.asc
Description: PGP signature
