apache
Increasing hash key length
Issue
Hash key length is different in different sections of project. We are increasing two of them to 64. We received an issue stating that Gradle Project Trust and CLI Handler - hash key length can be increased.
Changes
Increased hash key length to 64 in below projects Bootstrap/org.netbeans.CLIHandler and Gradle-Projects/org.netbeans.modules.gradle.ProjectTrust
Please ensure the commits are grouped into atomic changes. There is no squash-on-merge in the NetBeans repository, as github side merges are unreliable regarding the author information.
What is missing in the commit message and the PR is the motivation. The commit message currently only gives the "what", but that is already answered by the diff, the "why" is the interesting part.
If I get it correctly, it was determined, that 14-18 bytes are not enough randomness. And the keys are used to verify local connections from NB cli and gradle.
@matthiasblaesing Yes, we want to increase the randomness. I added this in the description and squashed the commits. Please approve the PR
@subhash-arabhi please update the commit message. The commit message should explain why a change was done. What is more the summary line should give a meaningful summary. Reading the current summary I wonder which hash key lengths?
This still leaves the question: why is 64 right and 16 wrong. How did you determine that? Another question: is this just a random value at runtime or is it stored somewhere? If it is stored, why are the changed lengths not problematic?
@matthiasblaesing, @lahodaj I have updated the PR message. We received an issue stating that Gradle Project Trust and CLI Handler - hash key length can be increased. For public repos the summaries and messages are kept minimal. Please take a look and approve it.