On Thu, Aug 23 2018, Junio C Hamano wrote: > Ævar Arnfjörð Bjarmason <avarab@xxxxxxxxx> writes: > >>> - The trailer consists of the following: >>> - A copy of the 20-byte SHA-256 checksum at the end of the >>> corresponding packfile. >>> >>> - 20-byte SHA-256 checksum of all of the above. >> >> We need to update both of these to 32 byte, right? Or are we planning to >> truncate the checksums? > > https://public-inbox.org/git/CA+55aFwc7UQ61EbNJ36pFU_aBCXGya4JuT-TvpPJ21hKhRengQ@xxxxxxxxxxxxxx/ Thanks. Yeah for this checksum purpose even 10 or 5 characters would do, but since we'll need a new pack format anyway for SHA-256 why not just use the full length of the SHA-256 here? We're using the full length of the SHA-1. I don't see it mattering for security / corruption detection purposes, but just to avoid confusion. We'll have this one place left where something looks like a SHA-1, but is actually a trunctated SHA-256.
