Re: [PATCH 0/2] help: include SHA build options in version info
From: Christian Couder <hidden>
Date: 2025-03-29 08:58:48
On Fri, Mar 28, 2025 at 6:05 PM Justin Tobler [off-list ref] wrote:
Greetings, Additional information regarding how Git was build can be found via the
Maybe: s/build/built/
`--build-options` flag for git-verison(1). This currectly does not
s/git-verison/git-version/ s/currectly/currently/
include information about the SHA-1 and SHA-256 implementations Git is built with. This short series adds build option info for the SHA-1, SHA-256, and unsafe-SHA-1 (if any) implementations which may be useful for diagnostic purposes. Regarding "unsafe-SHA-1", I wonder if we should use a different name in the printed build options that sounds a little less scary. I was thinking maybe "fast-SHA-1" and document its meaning appropriately. I'm interested to know if anyone has thoughts on this.
Maybe we could use just "SHA-1" if a single algorithm is used for everything, and both "SHA-1 for crypto" and "SHA-1 for non-crypto" otherwise. Related to this I wonder if we should warn in some ways if a non collision detection algorithm is used for crypto. For example we could print "SHA-1: OpenSSL (No collision detection!!!)" instead of just "SHA-1: OpenSSL". And yeah that should be documented. Thanks!