[ratorx]

> cryptographically unique

Git uses SHA1 which is pretty far from cryptographically secure. It’s unlikely that’s the sole reason for having a separate checksum database though.

[justinclift]

Doing some searching around online, it seems like git introduced sha256 support several years ago.

[dharmab]

Only for some local operations- git protocol still uses SHA-1 for compatibility with old clients, and existing SHA-1 objects in old repositories aren't converted.