--- title: "Journal Update 25" date: 2023-10-22T00:00:00Z tags: ['journal updates'] draft: false --- ## What's New * [Received generous financial support](/2023/09/28/will-you-support-my-work/ "Will You Support My Work?"). Thanks everyone who has donated. I was not expecting so much help! * [Added SimpleX as a contact method.](/about/ "About Page") I now offer SimpleX as a private and secure way to contact me. * [Made minor journal theme improvements and bug fixes.](https://git.nicholasjohnson.ch/hugo-theme-journal/diff/?id=324f7ead1c9333c8580277316ae9f620dfed3d715e805b5f824d6fe4da15567e&id2=89e7b7b8c4bdb63cb5f6f154fd0d9c18a4beabff57d1f01f1adbf8219b1a3d49 "Journal Theme Improvements") * [Updated my Git repositories to SHA-256.](https://git.nicholasjohnson.ch "My Git Repositories") This is my main reason for making this journal update. It's a significant change and I wanna spend some time talking about how and why I did it. For those who are not in the know, Git used to use SHA-1 for file and commit identity and integrity checking. SHA-1 is a [weak](https://shattered.io/ "SHAttered") cryptographic hash function that shouldn't be used anymore. Git has since switched to using SHA-1dc by default, a hardened version of SHA-1, but there's still a desire to transition away from any SHA-1 variant to the properly secure SHA-256. The transition plan was created in 2017. Six years later, some work has gone towards the transition, but it's incomplete and could remain that way for years to come. Git itself and an increasing number of software forges support SHA-256, but there's no compatibility between SHA-1dc and SHA-256 repos yet. This had been bugging me since SHA-1dc likely has lower longevity than SHA-256 and it being broken would render my [signify signatures](https://git.nicholasjohnson.ch/git-signify "git-signify") meaningless, and the full transition could still be years off. So I set out to transition my repos (not forked ones) to SHA-256 myself. For everybody else, I recommend just waiting for the official solution. In the end, I succeeded using a small script I hacked together and some manual rebasing. An alternative solution I considered was creating new SHA-256 Git repos based on the latest commit of my old SHA-1 repos. This solution would've been much quicker, easier, and less error-prone than what I did, but it also would've doubled the number of Git repos I have and created a messy situation where the commit history is split across two separate incompatible repos. In conclusion, I'm happy with the results and I'll make sure every new Git repository I create uses SHA-256 to avoid this situation in the future. ## Future Plans As for future plans, I'm still slowly working on getting rid of the promoted page and adding more [tags](/tags/ "Tags").