summaryrefslogtreecommitdiff
path: root/content/entry
diff options
context:
space:
mode:
Diffstat (limited to 'content/entry')
-rw-r--r--content/entry/journal-update-25.md25
1 files changed, 25 insertions, 0 deletions
diff --git a/content/entry/journal-update-25.md b/content/entry/journal-update-25.md
new file mode 100644
index 0000000..85a4bfe
--- /dev/null
+++ b/content/entry/journal-update-25.md
@@ -0,0 +1,25 @@
+---
+title: "Journal Update 25"
+date: 2023-10-22T00:00:00Z
+tags: ['journal updates']
+draft: false
+---
+## What's New
+
+* [Received generous financial support](/2023/09/28/will-you-support-my-work/ "Will You Support My Work?"). Thanks everyone who has donated. I was not expecting so much help!
+* [Added SimpleX as a contact method.](/about/ "About Page") I now offer SimpleX as a private and secure way to contact me.
+* [Made minor journal theme improvements and bug fixes.](https://git.nicholasjohnson.ch/hugo-theme-journal/diff/?id=324f7ead1c9333c8580277316ae9f620dfed3d715e805b5f824d6fe4da15567e&id2=89e7b7b8c4bdb63cb5f6f154fd0d9c18a4beabff57d1f01f1adbf8219b1a3d49 "Journal Theme Improvements")
+* [Updated my Git repositories to SHA-256.](https://git.nicholasjohnson.ch "My Git Repositories") This is my main reason for making this journal update. It's a significant change and I wanna spend some time talking about how and why I did it.
+
+For those who are not in the know, Git used to use SHA-1 for file and commit identity and integrity checking. SHA-1 is a [weak](https://shattered.io/ "SHAttered") cryptographic hash function that shouldn't be used anymore. Git has since switched to using SHA-1dc by default, a hardened version of SHA-1, but there's still a desire to transition away from any SHA-1 variant to the properly secure SHA-256. The transition plan was created in 2017. Six years later, some work has gone towards the transition, but it's incomplete and could remain that way for years to come.
+
+Git itself and an increasing number of software forges support SHA-256, but there's no compatibility between SHA-1dc and SHA-256 repos yet. This had been bugging me since SHA-1dc likely has lower longevity than SHA-256 and it being broken would render my [signify signatures](https://git.nicholasjohnson.ch/git-signify "git-signify") meaningless, and the full transition could still be years off. So I set out to transition my repos (not forked ones) to SHA-256 myself. For everybody else, I recommend just waiting for the official solution.
+
+In the end, I succeeded using a small script I hacked together and some manual rebasing. An alternative solution I considered was creating new SHA-256 Git repos based on the latest commit of my old SHA-1 repos. This solution would've been much quicker, easier, and less error-prone than what I did, but it also would've doubled the number of Git repos I have and created a messy situation where the commit history is split across two separate incompatible repos.
+
+In conclusion, I'm happy with the results and I'll make sure every new Git repository I create uses SHA-256 to avoid this situation in the future.
+
+
+## Future Plans
+
+As for future plans, I'm still slowly working on getting rid of the [promoted page](/promoted/ "Promoted Page") and adding more [tags](/tags/ "Tags").