On 2020-08-13 at 20:34:10, Junio C Hamano wrote: > Martin Ă…gren writes: > > >> IOW, you question "if we go a few releases without any major issues" > >> part? I tend to agree that for a large change like this, a few > >> releases may not be sufficiently long time for a feature that is > >> marked as experimental in big flashing red letters to get exercised > >> enough to get major issues noticed. > > > > Yeah, thanks for summarizing what I failed to express using so many > > words. > > > > I'm fully open to the idea that some people want to leave SHA-1 behind > > and that they can do it today, in some "local" sense. If those people > > are fully aware that they are guinea pigs, it might actually be ok for > > us to subject them to a few rounds of "oops, Git v2.32.0 produces data > > that v2.34.0 and later will barf on". Or at least it would be on our > > table whether we wanted to be that cavalier. > > > > Once SHA-256 repos as such are no longer experimental, I fear that we > > can only buy ourselves that leeway by introducing fiftyeleven different > > config flags for "please produce auxiliary files X even if you don't > > actually use them", "please do use X, and I'm fully expecting to trip on > > them if you decide to tweak them in backwards-incompatible ways", and so > > on. The alternative to buying such leeway might be to establish, pretty > > early on, a respectable set of things we support "for compatibility > > reasons". > > OK, so can we resolve this one way or the other and move on? > > For now, I'd vote for applying this warning patch, but with or > without such warning, it is more important to iron out those details > we fear might have to change. I'm fine with applying this patch. As for changes, I don't think there's any changes we need to make for a stage 4 implementation. It works and it passes the testsuite. I've verified the block and gcrypt SHA-256 implementations produce identical results, which was my major worry. Other than the philosophical disagreement over whether index v1 and v2 should support SHA-256, I don't think there's any points of contention. When we add support for SHA-1 interoperability, then we'll need pack index v3, proper multi-pack index support, and the loose object index. Those are being written at the moment, and I think it's fine to add a tool to generate the necessary files once that code is in place (which, it's looking like, can just be a shell script that pipes every loose object to git hash-object and rebuilds the pack indexes). Support for interoperability is an additional extension, so we don't have any compatibility concerns and we can generate all of those files based on that option. I don't plan to enable support for extensions.compatObjectFormat without all of the required pieces in place. There won't be any incremental steps there. -- brian m. carlson: Houston, Texas, US