The claim that DC_SHA1 takes priority over other *_SHA1 knobs was true when it was added in [1], But that hasn't been the case since it was made the fallback default in [2]. We should be making it not only the default, but something that takes priority over other *_SHA1 knobs, but that's outside the scope of this change. For now let's correct the documentation to match reality. Let's also remove the "unconditionally enable" wording, per the above the enabling of "DC_SHA1" is conditional on these other flags. 1. 8325e43b82d (Makefile: add DC_SHA1 knob, 2017-03-16) 2. e6b07da2780 (Makefile: make DC_SHA1 the default, 2017-03-17) Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@xxxxxxxxx> --- Makefile | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/Makefile b/Makefile index 744bd4344f4..a2762e583a1 100644 --- a/Makefile +++ b/Makefile @@ -155,9 +155,8 @@ include shared.mak # Define BLK_SHA1 environment variable to make use of the bundled # optimized C SHA1 routine. # -# Define DC_SHA1 to unconditionally enable the collision-detecting sha1 +# Define DC_SHA1 to enable the collision-detecting sha1 # algorithm. This is slower, but may detect attempted collision attacks. -# Takes priority over other *_SHA1 knobs. # # Define DC_SHA1_EXTERNAL in addition to DC_SHA1 if you want to build / link # git with the external SHA1 collision-detect library. -- 2.38.0.1251.g3eefdfb5e7a