|
|
|
|
|
|
by wongarsu
4078 days ago
|
|
|
By breaking SHA1 you could covertly edit older commits, but existing contributors would still have the original version. As soon as somebody edits code at the intrusion it would be discovered because it would merge cleanly locally but cause a merge conflict on github. Of course on big projects a lot of the code isn't touched in years but we're talking about revealing that somebody broke SHA1. It sounds very risky given the stakes. |
|
|