Skip to content
  • Joey Hess's avatar
    When proxying an upload to a special remote, verify the hash. · fcc052be
    Joey Hess authored
    While usually uploading to a special remote does not verify the content,
    the content in a repository is assumed to be valid, and there is no trust
    boundary. But with a proxied special remote, there may be users who are
    allowed to store objects, but are not really trusted.
    
    Another way to look at this is it's the equivilant of git-annex-shell
    checking the hash of received data, which it does (see StoreContent
    implementation).
    fcc052be
To find the state of this project's repository at the time of any of these versions, check out the tags.