dateparser icon indicating copy to clipboard operation
dateparser copied to clipboard

Published 20 hours ago verified publisher icon scrapinghub

Replace md5 with sha512

Open vvalouch opened this issue 2 years ago • 3 comments

MD5 is not FIPS compliant thus I am proposing replacement with SHA512.

vvalouch avatar Sep 12 '22 12:09 vvalouch

This is not a cryptographic use of md5, I believe, we are not handling unsafe input here, so I do not see the point: a slower algorithm with no added security benefit.

Gallaecio avatar Oct 20 '22 14:10 Gallaecio

@Gallaecio we should allow some sort of switch md5 is not FIPS compliant, and will crash on FIPS enabled machines. unless the usedforsecurity=false which is only avaialable on python >3.9

florin-szilagyi avatar Apr 16 '24 16:04 florin-szilagyi

Sounds like setting usedforsecurity=False on Python 3.9+ is the way forward, then.

Gallaecio avatar Apr 16 '24 17:04 Gallaecio