refactor: add 'usedforsecurity=False' arg to hashlib.md5 usage#1190
refactor: add 'usedforsecurity=False' arg to hashlib.md5 usage#1190erezsh merged 3 commits intolark-parser:masterfrom
Conversation
cquick01
force-pushed
the
hashlib-fips-support
branch
from
650c03f to
a0b6bb4
Compare
|
I didn't realize we call md5 from 3 different places. Would you mind refactoring it into a single function, like |
|
Thanks! Also, mypy fails with Can you check if there's a way to fix this? If not, adding an "ignore" comment is good enough for me. |
|
Latest commit adds an explicit check for Python 3.9+ to pass the Latest commit: if sys.version_info >= (3, 9):
return hashlib.md5(s.encode('utf8'), usedforsecurity=False).hexdigest()
else:
return hashlib.md5(s.encode('utf8')).hexdigest()Or slightly cleaner version with less repeated code hashlib.new("md5", s.encode("utf8"), usedforsecurity=False).hexdigest() # type: ignore |
|
Looks good to me. I'll wait a bit to see if @MegaIng has anything to add. |
MegaIng
left a comment
MegaIng
left a comment
There was a problem hiding this comment.
I don't really have anything to add. IMO a version check is cleaner than a type ignore.
|
@cquick01 Thank you for your contribution! |
|
Thank you all for working on this fix. When might the next release be cut? |
|
It's probably about time for a new release! I'll try to do it early next week. |
|
@jjtroberts Released 1.1.3 |
4 participants
This argument was introduced in Python 3.9, but using
hashlib.new()prevents <3.9 versions from throwing an exception.Tested running locally against 3.7, 3.9, and 3.10.
Closes #1187