You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In #670, the attribute content_hash was added to the list of usable item attributes. Previously, that was only used for checking for differences between locally generated files and those deployed on a node.
Since we're now using that hash to also verify downloaded content, we probably should use sha256 for content_hash, since that's (currently) not susceptible to hash collision attacks.
(Since that's a breaking change, we should add this to the 5.0.0 milestone)
The text was updated successfully, but these errors were encountered:
In #670, the attribute
content_hash
was added to the list of usable item attributes. Previously, that was only used for checking for differences between locally generated files and those deployed on a node.Since we're now using that hash to also verify downloaded content, we probably should use sha256 for
content_hash
, since that's (currently) not susceptible to hash collision attacks.(Since that's a breaking change, we should add this to the 5.0.0 milestone)
The text was updated successfully, but these errors were encountered: