by bqmjjx0kac 1086 days ago
Unless someone is very good at finding SHA1 collisions.
2 comments

The collisions need to deliver a malicious payload as well, making it extra hard.
Those are still very hard to get for a random hash, and GitHub I think warns (or blocks?) you if you try to push a hash with a known vulnerability.