On Tue, Jun 03, 2025 at 01:38:49PM +0900, Michael Paquier wrote: > I'm not sure that this is necessary. Only requiring one to use > --retain sounds kind of enough to me.
Yeah, maybe we should just leave it alone for now. > Saying that, warning users if they have MD5 passwords is a good idea, > because we would already have the code in place to flip it to an error > once/if MD5 is entirely removed. An upgrade failure retains the log > and dump folders around, meaning that users would be able to know the > list of users all the time. Right. I'll bring this up with the others on the RMT today. -- nathan
