mirrors/git-annex
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

larger headings

Browse source
This commit is contained in:
Joey Hess 2017-02-27 16:17:19 -04:00
parent b78703ca4e
commit 3f876f72e3
No known key found for this signature in database
GPG key ID: C910D9222512E3C7
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
doc/tips/using_signed_git_commits.mdwn
View file

@ -6,7 +6,7 @@ is the same data that was originally commited to it.
This is recommended if you are storing any kind of binary
files in a git repository.
### How to do it
## How to do it
You need git-annex 6.20170228. Upgrade if you don't have it.
@ -28,7 +28,7 @@ Use `git log --show-signature` to check the signatures of commits.
If the signature is valid, it guarantees that all annexed files
have the same content that was orignally committed.
### Why is this more secure than git alone?
## Why is this more secure than git alone?
SHA1 collisions exist now, and can be produced using a common-prefix
attack. See <https://shattered.io/>. Let's assume that a chosen-prefix