Linus referred to the fact that git performs recognition by their hash function.
Git trees are objects consisting of several (trees, drops) (read: blob = file, roughly).
The cryptographic hash of the parent node in is the hash hash of all source trees / blobs recursively. Such trees are known as Merkle (Hash) Trees and have the interesting property that a top-level hash is a cryptographically strong hash that uniquely identifies the entire tree.
Note that the hash includes commit attributes, and they include parent identifiers. That is, if any file in any revision ever changes, the hash from the blob changes, so the hash with the containing trees changes, the hash of the snapshot changes (the root tree), the hash of the commit changes; the hash of any child needs to be changed, etc. d. The whole story will be changed.
If any of these rules is violated, it will be trivially detectable:
- the hash of one tree is deterministically checked in O (n), where n is the number of objects in the root tree
- the integrity of the entire history of the branches is deterministically checked in O (n), where n is the number of nodes in the revision chain.
In fact, git-verify-tag , git fsck are useful commands for performing verification explicitly. In addition, verification automatically occurs in git subcommands (send-pack, receive-pack, read-tree, tree-tree, etc.).
Re: Replace protective flow
In this first Linus post, he is already deconstructing / defusing the bomb:
Hm. Scary. It was not supposed to be successful with a corrupt repo.
If you did not make the .grafts file to hide the damage or something else like this?
This is immediately confirmed by Denis Bueno in the response.