Page MenuHomeSoftware Heritage
Create Task
Maniphest T3134

SWHID v2
Closed, MigratedEdits Locked
Actions

Description

This is a meta-task to track activities related to rolling out the next version of SWHID (aka v2).
This includes the following:

  • complete on paper spec
  • aligned with work done on new git hashes
  • including migration plan from/cohabitation with v1 (N.B.: we need to maintain SWHID v1 support forever anyway)
  • understand impact on internal microservice architecture (related to T1805, in particular use SWHIDs everywhere (core SWHIDs, without qualifiers))
  • keep correspondence with v1 (there may be multiple v2 for one v1!)
  • reviewed by crypto experts

Related Objects
Search...

Event Timeline

rdicosmo created this task.Mar 15 2021, 8:09 PM
rdicosmo updated the task description. (Show Details)Mar 15 2021, 8:11 PM
vlorentz triaged this task as Normal priority.Mar 19 2021, 4:21 PM
vlorentz merged a task: T2212: Specification for swh:2+: identifiers.
vlorentz added a project: Roadmap 2020.
vlorentz added a parent task: T2210: Data Model.
vlorentz assigned this task to zack.Apr 23 2021, 4:50 PM
vlorentz added a subtask: T1957: Handling missing DAG nodes.Oct 14 2021, 12:12 PM
vlorentz removed a subtask: T1957: Handling missing DAG nodes.
vlorentz mentioned this in T3594: Faithfully store weird git objects.Nov 26 2021, 4:40 PM
anlambert added a comment.Dec 7 2021, 4:55 PM

SWHID v2 should also prevent the hash collision issues we are currently facing (some related to the SHAttered attack on SHA1), see T3775 and SWH-LOADER-GIT-JT.

anlambert mentioned this in T3775: Dealing with repositories with contents that produces hash conflicts (example included from GitLab).Dec 7 2021, 4:56 PM
rdicosmo added a comment.Dec 8 2021, 3:19 PM
In T3134#75077, @anlambert wrote:

SWHID v2 should also prevent the hash collision issues we are currently facing (some related to the SHAttered attack on SHA1), see T3775 and SWH-LOADER-GIT-JT.

After a closer look, it appears that this issue is not specific to SWHv1, or the future SWHv2, but to our data model and ingestion pipeline.
T3775 has been updated accordingly.

vlorentz added a subscriber: vlorentz.Dec 17 2021, 10:53 AM

wishlist: it would be nice ot be able to check the whole hash of a revision/release even when the author name/email are replaced by a hash. (eg. by making SWHIDv2 a tree hash)

douardda added a comment.Jan 3 2022, 12:02 PM
In T3134#76032, @vlorentz wrote:

wishlist: it would be nice ot be able to check the whole hash of a revision/release even when the author name/email are replaced by a hash. (eg. by making SWHIDv2 a tree hash)

I agree, would make anonymous exports much more usable for example.

bchauvet added a project: Roadmap 2022.Mar 23 2022, 4:42 PM
bchauvet lowered the priority of this task from Normal to Low.Mar 25 2022, 5:26 PM
gitlab-migration closed subtask T3316: SWHID v2: determine binary-to-text encoding for checksum part as Migrated.Jan 8 2023, 5:02 PM
gitlab-migration closed this task as Migrated.Jan 8 2023, 10:22 PM
gitlab-migration claimed this task.
gitlab-migration added a subscriber: gitlab-migration.

This task has been migrated to GitLab.

gitlab-migration closed subtask T3609: SWHIDv2: List issues with SWHIDv1 that should be fixed as Migrated.Jan 8 2023, 10:23 PM
About · Developer information · Legal