You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@superset.apache.org by GitBox <gi...@apache.org> on 2022/08/08 19:59:47 UTC

[GitHub] [superset] actionjax commented on a diff in pull request #21014: fix: make fips compliant by replacing md5 with sha256 and random lib

actionjax commented on code in PR #21014:
URL: https://github.com/apache/superset/pull/21014#discussion_r940614841


##########
superset/key_value/utils.py:
##########
@@ -61,9 +61,9 @@ def decode_permalink_id(key: str, salt: str) -> int:
 
 
 def get_uuid_namespace(seed: str) -> UUID:
-    md5_obj = md5()
-    md5_obj.update(seed.encode("utf-8"))
-    return UUID(md5_obj.hexdigest())
+    rd = random.Random()

Review Comment:
   Yes, at first I thought the uuid was only used in cache, looks like that hash is stored in the db. To address your concern about deterministic I've replaced random with sha256. Will look to see how we can make this backwards compatible.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org