On Sat, Aug 2, 2014 at 4:41 PM, Marko Rauhamaa <ma...@pacujo.net> wrote: > I don't know why you way hg and git have no threat models. A great deal > of damage could be inflicted if you could sneak malicious edits into > version control systems without altering the hash.
You would have to somehow push that change into someone else's repository. I'm not sure how you'd go about doing that without actually having a commit, which will be kinda visible. ChrisA -- https://mail.python.org/mailman/listinfo/python-list
