[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug #61594] suggest new $(hash ...) function

From: anonymous
Subject: [bug #61594] suggest new $(hash ...) function
Date: Tue, 30 Nov 2021 23:36:43 -0500 (EST)
User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.55 Safari/537.36


                 Summary: suggest new $(hash ...) function
                 Project: make
            Submitted by: None
            Submitted on: Wed 01 Dec 2021 04:36:41 AM UTC
                Severity: 3 - Normal
              Item Group: Enhancement
                  Status: None
                 Privacy: Public
             Assigned to: None
             Open/Closed: Open
         Discussion Lock: Any
       Component Version: SCM
        Operating System: None
           Fixed Release: None
           Triage Status: None



Historically there's been a certain amount of resistance to adding new native
functions to GNU make but a few have come in lately so ... I wonder if the
idea of providing a hashing function has been considered?

I'm not thinking of a cryptographically secure hash, just something that could
be used as a convenient digital signature. The use case I'm thinking of in
particular is the advanced topic of forcing rebuild on command-line changes,
which of course requires stashing the previous command line for comparison.
Unfortunately, in some cases command lines can be very long and ugly; in our
case they're >2K chars apiece. Stashing these can be done, and in fact we do
it, but it would be much nicer and simpler if a SHA-1 or similar signature
could be stashed instead.

It seems relatively easy to implement and document, assuming the GNU hashing
functions are available somehow. The question in my mind, if it was to go
forward, would be whether to give it a specific name and nail down the
algorithm, such as $(sha-3,$(data)), or a generic name like $(hash,$(data)).
Historically every hashing algorithm has been superseded by a better one every
few years, which argues for $(hash ...), but on the other hand it's not
intended for security anyway so anything with a sufficiently infinitesimal
collision rate would be fine and there might be value in being able to
generate a known hash like SHA-1.

Just a thought. Close with prejudice if not interested.


Reply to this item at:


  Message sent via Savannah

reply via email to

[Prev in Thread] Current Thread [Next in Thread]