Join GitHub today
Use SHA-1 for non-sensitive digests by default #31651
Followup to #31289.
Instead of providing a configuration option to set the hash function, switch to SHA-1 for new apps and allow upgrading apps to opt in later via
@georgeclaghorn, does this address your concern from #31289 about cache invalidations for existing apps? Upgrading to 5.2 wouldn't change anything, but flipping the setting later would still invalidate every key. If busting the cache is a complete no-go, you could just never do that.