You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
archlinux-inputs-fsck currently only recognises Git sources pinned by a commit hash as secure. However as outlined in a recent arch-dev-public mailing list post, pinning the SHA-1 hash of the tag object is as secure as pinning the commit ID:
archlinux-inputs-fsck currently only recognises Git sources pinned by a commit hash as secure. However as outlined in a recent arch-dev-public mailing list post, pinning the SHA-1 hash of the tag object is as secure as pinning the commit ID:
Therefore
is_commit_securely_pinned()
should distinguish the case when the tag "name" is a 40-digit hex ID and return true in this case.The text was updated successfully, but these errors were encountered: