标准摘要
[中文适用范围]: 本规范定义了引用软件工件的标准数据格式,这些工件符合现代分布式版本控制系统数据模型的结构。该格式包括文件系统层次结构的典型树状结构,但还包含用于跟踪修订和发布以及版本控制系统的完整状态的特殊节点(包括所有开发分支)。SWHIDs的关键属性是:它们可以直接使用加密散列函数从引用的对象计算出来,任何拥有这些对象副本的人都可以进行计算。这使得去中心化且独立地验证完整性成为可能,而无需依赖注册表或中央权威机构。SWHID标识符的计算基于Merkle无向有向图(Merkle DAG),这是Merkle树的自然扩展。SWHIDs的解析(即获取与给定SWHID对应的数字工件副本的过程)超出了本规范的范围。 [外文原描述]: This specification defines a standard data format for referencing software artifacts that match the data model of modern distributed version control systems. This format includes the typical tree-like structure of a filesystem hierarchy, but also, special nodes to track revisions and releases, as well as the full status of a version control system, with all its development branches. A key property of SWHIDs is that they can be computed using cryptographically strong functions directly from the digital objects they refer to, by anyone that has access to a copy of those objects. This enables decentralised and independent verification of integrity, without relying on a registry or a central authority. The computation of the SWHID identifiers is based on Merkle Acyclic Directed Graphs, a natural generalization of Merkle trees. The resolution of SWHIDs, that is, the process of obtaining a copy of a digital artifact corresponding to a given SWHID, is outside the scope of this specification.
英文名称Information technology - SoftWare Hash IDentifier (SWHID) Specification V1.2