W dniu śro, 15.11.2017 o godzinie 17∶28 +0100, użytkownik Michał Górny napisał: > Hi, everyone. > > The Council has approved the manifest-hashes switch on 2017-11-12 > meeting [1]. The transition will occur to the initial plan, with small > changes. The updated plan is included at the end of this mail. > > According to this plan, BLAKE2B will be enabled on 2017-11-21. This > means that starting at this time, all new and updated DIST entries will > use BLAKE2B+SHA512. Old DIST entries will still use the current hash set > until updated. > > The developers are required to upgrade to a package manager supporting > this hash. That is: > > a. Portage 2.3.5 when using py3.6+, > > b. Portage 2.3.13 + pyblake2 installed manually, > > c. Portage 2.3.13-r1 that includes the pyblake2 dep. > > Modern (and old) Portage will refuse to update Manifests if it does not > support the necessary hashes. However, Portage versions between 2.3.5 > and 2.3.13 inclusively will create Manifests missing BLAKE2B hash rather > than failing when no hash provider is present. Those Manifests will be > rejected by the git hook. > > Users will not be affected noticeably as the SHA512 hash continues being > used for compatibility. > > > That said, I'd like to request developers not to start proactively > converting all old Manifest entries to the new set immediately, > and instead give some time for things to settle down. > > > > The updated plan > ================ > > Already done: > > - revbumped Portage with pyblake2 dep and started stabilizing it, > > - added git update hook to reject invalid Manifest entries. > > 2017-11-21 (T+7d): > > - manifest-hashes = BLAKE2B SHA512
FYI, this is now online. Please ping me if you have any issues. > > 2018-02-14 (T+3m): > > - manifest-required-hashes = BLAKE2B > > 2018-05-14 (T+6m): > > - last rite fetch-restricted packages that do not use BLAKE2B. > > The final removal of SHA512 will be decided by the Council separately. > > -- Best regards, Michał Górny
