zstd also has an rsyncable option -- as an example of when it's useful, I take a dump of an SQLite database (my Home Assistant DB) using a command like this:

    sqlite3 -readonly "${i}" .dump | zstd --fast --rsyncable -v -o "${PART}" -

Word list based passphrases mostly avoid this, by not including those words. Which still doesn't mean you won't get something offensive, of course, it'll just be a string of four words instead of four letters.

You can store a normalised form -- so if the password is `PaSsWoRd` and the user tries to change it to `pA55wOrD`, a normalisation that lower-cases, turns 1 and i into l, turns 2 and 5 into s, and turns 4 into a, would normalise both to `password`.

Or if you want a slightly more convoluted mechanism, when someone changes their password you have both in plain-text and you can take a copy of the old password at that point -- after all, it's not being used as a password any more! For bonus fun, submit all previous passwords to pwned passwords. Password reuse makes this a bad idea in general, specific policies attempting to mandate it will not be an issue notwithstanding.

There is, as ever, an XKCD for this: https://xkcd.com/810/

Ah, I'd misunderstood how much the git binary was used for. I think I might go with could be a porcelain, if you don't mind? It's far too late for me to edit my comment now.

I'm a smidge late to the "early adopters" party, but I've been using Jujitsu intensively for a couple of weeks now and do not intend to stop :).