Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Don't use md5 for computing the lockfile filename #212

Merged
merged 2 commits into from
Jul 1, 2024
Merged

Don't use md5 for computing the lockfile filename #212

merged 2 commits into from
Jul 1, 2024

Conversation

dcermak
Copy link
Owner

@dcermak dcermak commented Jul 1, 2024
edited
Loading

md5 is forbidden in FIPS mode, rely on SHA256 instead

This fixes #213

@grisu48 grisu48 mentioned this pull request Jul 1, 2024
Closed
grisu48
grisu48 previously approved these changes Jul 1, 2024
View reviewed changes
@codecov Codecov
Copy link

codecov bot commented Jul 1, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 94.92%. Comparing base (27989dd) to head (9778668).

Additional details and impacted files 
@@            Coverage Diff             @@
##             main     #212      +/-   ##
==========================================
- Coverage   94.93%   94.92%   -0.01%     
==========================================
  Files           9        9              
  Lines        1105     1103       -2     
  Branches      229      229              
==========================================
- Hits         1049     1047       -2     
  Misses         42       42              
  Partials       14       14

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

dirkmueller
dirkmueller previously approved these changes Jul 1, 2024
View reviewed changes
Copy link
Collaborator

@dirkmueller dirkmueller left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

for futureproofing you might want to add usedforsecurity=False on sha256 as that algorithm is on its way out also.

@dcermak dcermak dismissed stale reviews from dirkmueller and grisu48 via c2b6d11 July 1, 2024 13:21
grisu48
grisu48 previously approved these changes Jul 1, 2024
View reviewed changes
@dcermak dcermak force-pushed the dont-use-md5 branch 2 times, most recently from 2423eb3 to 937d04a Compare July 1, 2024 15:06
dirkmueller
dirkmueller previously approved these changes Jul 1, 2024
View reviewed changes
@dirkmueller dirkmueller enabled auto-merge July 1, 2024 15:57
dcermak added 2 commits July 1, 2024 22:26
@dcermak
Don't use md5 for computing the lockfile filename
7a5ddca 
md5 is forbidden in FIPS mode, rely on sha3-256 instead
@dcermak
Import _pytest.mark instead of importing classes directly
9778668 
For $reasons, python 3.12.4 causes issues with Sphinx no longer correctly
recognizing its nitpicky allowlist when performing a `from $smth import
foo`. But `import $smth` and then using `$smth.foo` directly works, so we use
that ¯\_(ツ)_/¯
@dirkmueller dirkmueller merged commit 9195b00 into main Jul 1, 2024
39 of 41 checks passed
@dirkmueller dirkmueller deleted the dont-use-md5 branch July 1, 2024 21:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dirkmueller dirkmueller dirkmueller left review comments

@grisu48 grisu48 grisu48 left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

UnsupportedDigestmodError on 15-SP6 FIPS mode
3 participants
@dcermak @dirkmueller @grisu48