| ▲ | Lermatroid 5 days ago | |
Dates make pinning easier than looking up a SHA | ||
| ▲ | tfsh 5 days ago | parent | next [-] | |
Easier for humans to parse, but introduces the threat vector of malicious attackers modifying the history and force submitting malicious code at or before a pinned time. That's why lock files exist. SHA is still the way to go for those who are security sensitive. | ||
| ▲ | CGamesPlay 5 days ago | parent | prev [-] | |
Fair. If we're talking about documenting this feature, we should point out that SHA is immutable, while branches, tags, and dates are mutable references. | ||