Hi, martin f krafft wrote: > Hi folks, > > the other day during a workshop on Git, one of the attendants asked > about the scenario when two developers, Jane and David, both working > on the same project, both create a commit and the two just so happen > to have the same SHA-1. Changing the committer time is the easiest way to solve this problem, if it ever happens. I have wondered how Git would behave if there are two files that are not equal but have the same SHA-1. But I haven't found any such example files to test this scenario and have not had the time to write or look for a tool that generates them. (MD5 collisions can be generated within 2 hours on usual home hardware and even Wikipedia links to collided files. An intelligent search for SHA-1 collisions takes 2^63 evaluations and not 2^80 (simple birthday attack) as expected. So it should be possible to find some random collisions and test the behavior...) But even if git behaves terrible useless in such situations, it does not make any sense to guard against them, because in practice they just do not happen. (And I think such guards will just slow git down in the usual case.) Regards, Stephan -- Stephan Beyer <s-beyer@xxxxxxx>, PGP 0x6EDDD207FCC5040F
Attachment:
signature.asc
Description: Digital signature
