diff options
Diffstat (limited to 'doc/news/version_6.20170228.mdwn')
-rw-r--r-- | doc/news/version_6.20170228.mdwn | 67 |
1 files changed, 0 insertions, 67 deletions
diff --git a/doc/news/version_6.20170228.mdwn b/doc/news/version_6.20170228.mdwn deleted file mode 100644 index 7318d0a7a..000000000 --- a/doc/news/version_6.20170228.mdwn +++ /dev/null @@ -1,67 +0,0 @@ -News for git-annex 6.20170228: - - This version of git-annex has mitigations for SHA1 hash collision - problems. - A new annex.securehashesonly configuration, when used in combination with - signed git commits, avoids potential hash collision problems in git-annex - repositories. For details, see this web page: - <https://git-annex.branchable.com/tips/using\_signed\_git\_commits/> - -git-annex 6.20170228 released with [[!toggle text="these changes"]] -[[!toggleable text=""" - * Cryptographically secure hashes can be forced to be used in a - repository, by setting annex.securehashesonly. - This does not prevent the git repository from containing links - to insecure hashes, but it does prevent the content of such files - from being added to .git/annex/objects by any method. - * Tighten key parser to prevent SHA1 collision attacks generating - two keys that have the same SHA1. (Only done for keys that contain - a hash). This ensures that signed git commits of annexed files - will remain secure, as long as git-annex is using a secure hashing - backend. - * fsck: Warn about any files whose content is present, that don't - use secure hashes, when annex.securehashesonly is set. - * init: When annex.securehashesonly has been set with git-annex config, - copy that value to the annex.securehashesonly git config. - * Added --securehash option to match files using a secure hash function, - and corresponding securehash preferred content expression. - * sync, merge: Fail when the current branch has no commits yet, instead - of not merging in anything from remotes and appearing to succeed. - * Run ssh with -n whenever input is not being piped into it, - to avoid it consuming stdin that it shouldn't. - This fixes git-annex-checkpresentkey --batch remote, - which didn't output results for all keys passed into it. Other - git-annex commands that communicate with a remote over ssh may also - have been consuming stdin that they shouldn't have, which could have - impacted using them in eg, shell scripts. - * sync: Improve integration with receive.denyCurrentBranch=updateInstead, - displaying error messages from the remote then it fails to update - its checked out branch. - * Added post-recieve hook, which makes updateInstead work with direct - mode and adjusted branches. - * init: Set up the post-receive hook. - * sync: When syncing with a local repository located on a crippled - filesystem, run the post-receive hook there, since it wouldn't get run - otherwise. This makes pushing to repos on FAT-formatted removable - drives update them when receive.denyCurrentBranch=updateInstead. - * config group groupwanted numcopies schedule wanted required: - Avoid displaying extraneous messages about repository auto-init, - git-annex branch merging, etc, when being used to get information. - * adjust: Fix behavior when used in a repository that contains - submodules. - * Run wget with -nv instead of -q, so it will display HTTP errors. - * Run curl with -S, so HTTP errors are displayed, even when - it's otherwise silent. - * When downloading in --json or --quiet mode, use curl in preference - to wget, since curl is able to display only errors to stderr, unlike - wget. - * status: Pass --ignore-submodules=when option on to git status. - * config --set: As well as setting value in git-annex branch, - set local gitconfig. This is needed especially for - annex.securehashesonly, which is read only from local gitconfig and not - the git-annex branch. - * Removed support for building with the old cryptohash library. - Building with that library made git-annex not support SHA3; it's time - for that to always be supported in case SHA2 dominoes. - * git-annex.cabal: Make crypto-api a dependency even when built w/o - webapp and test suite."""]]
\ No newline at end of file |