From cde3a924aec6bcd47ede650572bffa8c414243cf Mon Sep 17 00:00:00 2001
From: Joey Hess <joeyh@joeyh.name>
Date: Mon, 27 Feb 2017 13:50:00 -0400
Subject: make fsck check annex.securehashesonly, and new tip for working
 around SHA1 collisions with git-annex

This commit was sponsored by andrea rota.
---
 doc/git-annex.mdwn | 12 ++++++++++++
 1 file changed, 12 insertions(+)

(limited to 'doc/git-annex.mdwn')

diff --git a/doc/git-annex.mdwn b/doc/git-annex.mdwn
index 1c905766d..2f7635f41 100644
--- a/doc/git-annex.mdwn
+++ b/doc/git-annex.mdwn
@@ -829,6 +829,18 @@ Here are all the supported configuration settings.
   This is overridden by annex annex.backend configuration in the
   .gitattributes files.
 
+* `annex.securehashesonly`
+
+  Set to true to indicate that the repository should only use
+  cryptographically secure hashes
+  (SHA2, SHA3) and not insecure hashes (MD5, SHA1) for content.
+
+  When this is set, the contents of files using cryptographically
+  insecure hashes will not be allowed to be added to the repository.
+  
+  Also, git-annex fsck` will complain about any files present in
+  the repository that use insecure hashes.
+
 * `annex.diskreserve`
 
   Amount of disk space to reserve. Disk space is checked when transferring
-- 
cgit v1.2.3