mirror of
https://github.com/AGWA/git-crypt.git
synced 2025-12-26 04:40:41 -08:00
01f152b746
Git-crypt's position has always been that authentication is best left to Git, since 1) Git provides immutable history based on SHA-1 hashes as well as GPG-signed commits and tags, and 2) git-crypt can't be used safely anyways unless the overall integrity of your repository is assured. But, since git-crypt already has easy access to a (truncated) HMAC of the file when decrypting, there's really no reason why git-crypt shouldn't just verify it and provide an additional layer of protection.
40 KiB
40 KiB