Easier for humans to parse, but introduces the threat vector of malicious attackers modifying the history and force submitting malicious code at or before a pinned time. That's why lock files exist.
SHA is still the way to go for those who are security sensitive.
No comments yet.