As a way to avoid relying on SHA-1, would it work to have git-debpush
include a longer hash in the tag message, and tag2upload also verify
that hash?
- tag2upload (git-debpush) service architecture - draft Ian Jackson
- Re: tag2upload (git-debpush) service architecture -... Jonathan McDowell
- Re: tag2upload (git-debpush) service architectu... Sean Whitton
- Re: tag2upload (git-debpush) service architectu... Ian Jackson
- Re: tag2upload (git-debpush) service architecture -... Bastian Blank
- Re: tag2upload (git-debpush) service architectu... Rebecca N. Palmer
- Re: tag2upload (git-debpush) service archit... Bernd Zeimetz
- Re: tag2upload (git-debpush) service ar... Rebecca N. Palmer
- Re: tag2upload (git-debpush) servi... Ian Jackson
- Re: tag2upload (git-debpush) s... Rebecca N. Palmer
- Re: tag2upload (git-debpus... Sean Whitton
- Re: tag2upload (git-debpus... Rebecca N. Palmer
- Re: tag2upload (git-debpus... Sean Whitton
- Re: tag2upload (git-debpus... Bastian Blank
- Re: tag2upload (git-debpus... Rebecca N. Palmer
- Re: tag2upload (git-debpus... Sean Whitton
