Fossil SCM
With Git 3.0 in sight, the time has come to update the SHA256 situation in the www/fossil-v-git.wiki doc once again.
Commit
35fe8bf9403138355b946666f00c54c62301914b14f9827b2e9bc1a4bef10e67
Parent
59985724d71229b…
1 file changed
+28
-21
| --- www/fossil-v-git.wiki | ||
| +++ www/fossil-v-git.wiki | ||
| @@ -20,12 +20,12 @@ | ||
| 20 | 20 | In this document, we set all of that similarity and interoperability |
| 21 | 21 | aside and focus on the important differences between the two, especially |
| 22 | 22 | those that impact the user experience. |
| 23 | 23 | |
| 24 | 24 | Keep in mind that you are reading this on a Fossil website, and though |
| 25 | -we try to be fair, the information here | |
| 26 | -might be biased in favor of Fossil, if only because we spend most of our | |
| 25 | +we try to be fair, the information here will inevitably | |
| 26 | +be biased in favor of Fossil purely because we spend most of our | |
| 27 | 27 | time using Fossil, not Git. Ask around for second opinions from |
| 28 | 28 | people who have used <em>both</em> Fossil and Git. |
| 29 | 29 | |
| 30 | 30 | If you want a more practical, less philosophical guide to moving from |
| 31 | 31 | Git to Fossil, see our [./gitusers.md | Git to Fossil Translation Guide]. |
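Review bot: this hunk (lines 25-26) is a wording change that the commit message ("update the SHA256 situation") does not mention, and it also hardens the hedge from "might be biased ... if only because" to "will inevitably be biased ... purely because". "Purely because" asserts that time spent on Fossil is the sole source of bias, which the authors cannot know; "largely because" keeps the candour of the new wording without the overclaim. Either note this edit in the commit message or split it into its own check-in.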
| @@ -852,35 +852,42 @@ | ||
| 852 | 852 | This not |
| 853 | 853 | only solves the SHAttered problem, it should prevent a reoccurrence of |
| 854 | 854 | similar problems for the foreseeable future. |
| 855 | 855 | |
| 856 | 856 | Meanwhile, the Git community took until August 2018 to publish |
| 857 | -[https://git-scm.com/docs/hash-function-transition/|their first plan] | |
| 858 | -for solving the same problem by moving to SHA-256, a variant of the | |
| 859 | -[https://en.wikipedia.org/wiki/SHA-2 | older SHA-2 algorithm]. As of | |
| 860 | -this writing in February 2020, that plan hasn't been implemented, as far | |
| 861 | -as this author is aware, but there is now | |
| 862 | -[https://lwn.net/ml/git/[email protected]/ | |
| 863 | -| a competing SHA-256 based plan] which requires complete repository | |
| 864 | -conversion from SHA-1 to SHA-256, breaking all public hashes in the | |
| 865 | -repo. One way to characterize such a massive upheaval in Git terms is a | |
| 866 | -whole-project rebase, which violates the | |
| 867 | -[https://www.atlassian.com/git/tutorials/merging-vs-rebasing#the-golden-rule-of-rebasing|Golden Rule of Rebasing]. | |
| 868 | - | |
| 869 | -Regardless of the eventual implementation details, we fully expect Git | |
| 870 | -to move off SHA-1 eventually and for the changes to take years more to | |
| 871 | -percolate through the community. | |
| 872 | - | |
| 857 | +[https://git-scm.com/docs/hash-function-transition/ | their plan] for | |
| 858 | +solving the same problem by moving to SHA-256, a variant of the | |
| 859 | +[https://en.wikipedia.org/wiki/SHA-2 | older SHA-2 algorithm]. That is | |
| 860 | +now technically implemented in the sense that <tt>git init | |
| 861 | +--object-format=sha256</tt> exists, but note well: this is not only an | |
| 862 | +optional setting, Git forge support is mixed, most notably | |
| 863 | +[https://github.com/GitoxideLabs/gitoxide/issues/281 | lacking in | |
| 864 | +GitHub], plus also BitBucket and others. This is doubtless because of | |
| 865 | +this warning in the latest ([https://git-scm.com/docs/git-init/2.54.0 | | |
| 866 | +as of this writing]) <tt>git init</tt> docs: | |
| 867 | + | |
| 868 | +<blockquote>Note: At present, there is no interoperability between | |
| 869 | +SHA-256 repositories and SHA-1 repositories.</blockquote> | |
| 870 | + | |
| 871 | +Although we are now in the <i>tenth year</i> of this situation, there | |
| 872 | +remains hope that Git will manage to make the transition without taking | |
| 873 | +the full decade: the | |
| 874 | +[https://www.deployhq.com/blog/git-3-0-on-the-horizon-what-git-users-need-to-know-about-the-next-major-release | |
| 875 | +| latest plan] is that Git 3.0 will finally <i>(finally!)</i> switch to | |
| 876 | +SHA256 by default, forcing the issue. Given the track record, we are | |
| 877 | +taking a "show me" stance on this claim. | |
| 878 | + | |
| 879 | +Always remember, attacks only get better, never worse. | |
| 873 | 880 | Almost three years after Fossil solved this problem, the |
| 874 | 881 | [https://sha-mbles.github.io/ | SHAmbles attack] was published, further |
| 875 | 882 | weakening the case for continuing to use SHA-1. |
| 876 | 883 | |
| 877 | 884 | The practical impact of attacks like SHAttered and SHAmbles on the |
| 878 | 885 | Git and Fossil Merkle trees isn't clear, but you want to have your repositories |
| 879 | -moved over to a stronger hash algorithm before someone figures out how | |
| 880 | -to make use of the weaknesses in the old one. Fossil has had this covered | |
| 881 | -for years now, so that the solution is now almost universally deployed. | |
| 886 | +moved over to a stronger hash algorithm <i>before</i> someone figures out how | |
| 887 | +to make use of the weaknesses in the old one. Fossil's solution is long | |
| 888 | +since [https://repology.org/project/fossil/versions | universally deployed]. | |
| 882 | 889 | |
| 883 | 890 | <hr/> |
| 884 | 891 | |
| 885 | 892 | <h3>Asides and Digressions</h3> |
| 886 | 893 | |
| 887 | 894 |
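Review bot: the two load-bearing claims in the new text, that SHA-256 support is "lacking in GitHub" (lines 863-864) and that "Git 3.0 will finally (finally!) switch to SHA256 by default" (lines 875-876), are each cited to a third party (a gitoxide issue and a deployhq.com blog post) rather than to GitHub or the Git project; point them at a primary source or say in the text that they are second-hand. Smaller points in the same hunk: "this is not only an optional setting, Git forge support is mixed" (lines 861-862) has lost the "but" of its "not only ... but" construction; "plus also BitBucket and others" (line 864) doubles up and gives no citation for BitBucket; "This is doubtless because of" (line 864) states a guess as a certainty, so prefer "likely because of"; "SHA256" (line 876) should be "SHA-256" as on line 858; "the tenth year of this situation" (line 871) does not say whether the count starts at SHAttered or at the August 2018 plan named two sentences earlier, and "without taking the full decade" sits awkwardly next to it; and "universally deployed" (line 888) is stronger than the "almost universally" it replaces, while the repology link only shows which distributions package a recent Fossil, not what users actually run.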