[flake8-bandit] Update insecure hash functions (S324) by VascoSch92 · Pull Request #16580 · astral-sh/ruff · GitHub
[flake8-bandit] Update insecure hash functions (S324) #16580

Open
wants to merge 1 commit into
base: main

VascoSch92
Contributor

This PR solves issue #16572

Could it be an idea to define a HashSet containing the names of the insecure hash functions? This way it would be easier to update in case other insecure hash functions are added to the list.

Contributor

github-actions bot commented Mar 9, 2025

ruff-ecosystem results

Linter (stable)

✅ ecosystem check detected no linter changes.

Linter (preview)

✅ ecosystem check detected no linter changes.

@AlexWaygood changed the title from "[flake8-bandit] Update insicure hash functions (S324)" to "[flake8-bandit] Update insecure hash functions (S324)" on Mar 9, 2025
Comment on lines +147 to +150
| "ssl3-md5"
| "ssl3-sha1"
| "1.3.14.3.2.26"
| "1.2.840.113549.2.5"
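Review bot: the two dotted-decimal literals at the end of this arm list, "1.3.14.3.2.26" and "1.2.840.113549.2.5", are bare object identifiers with nothing on the line saying which algorithm each one names. Add a trailing comment to each (the first is the OID registered for SHA-1, the second the OID for MD5) and a link to the source these aliases were taken from, so the list can be verified later. The "ssl3-md5" and "ssl3-sha1" arms would benefit from the same source note.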
Member

@MichaReiser MichaReiser Mar 10, 2025

I'd like to have a link to a reference documenting that these are references. I also think that they are so obscure (the number ones) that I don't feel like we have to support them.

A reference is important because I otherwise find it impossible to know what these obscure numbers refer to and if they are indeed insecure.

Edit: I took a closer look at the issue. I think it's perfectly fine if Ruff only supports the guaranteed hash functions and that we, instead, should update the documentation to state so.

Contributor Author

Hey,

Thanks for the feedback. I tried to find a clear reference, but it's hard to find one which summarizes all the insecure hash functions (or I'm not good at searching ;-)). I agree that it makes sense for Ruff to only support reliably secure hash functions.
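The trade-off discussed in this thread, as an added example that is not part of the PR or of Ruff's code: a set-based check for weak `hashlib` names, plus a test of which of the aliases under review Python guarantees on every platform. The `WEAK_NAMES` set, the function names and the sample source are assumptions made for illustration.

```python
import ast
import hashlib

# Assumption: illustrative weak-name set, not copied from Ruff's S324 rule.
WEAK_NAMES = frozenset({"md4", "md5", "sha", "sha1"})

# Aliases taken from the lines under review in this PR.
PR_ALIASES = ("ssl3-md5", "ssl3-sha1", "1.3.14.3.2.26", "1.2.840.113549.2.5")


def non_guaranteed(names):
    """Return the names hashlib does not promise on every platform."""
    return [n for n in names if n.lower() not in hashlib.algorithms_guaranteed]


def find_weak_hash_calls(source):
    """Return (line, name) for hashlib.<weak>() and hashlib.new("<weak>")."""
    hits = []
    for node in ast.walk(ast.parse(source)):
        if not (isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute)):
            continue
        func = node.func
        if not (isinstance(func.value, ast.Name) and func.value.id == "hashlib"):
            continue
        if func.attr in WEAK_NAMES:
            hits.append((node.lineno, func.attr))
        elif func.attr == "new":
            # The algorithm is the first positional argument or name=...
            arg = node.args[0] if node.args else next(
                (k.value for k in node.keywords if k.arg == "name"), None)
            if isinstance(arg, ast.Constant) and isinstance(arg.value, str):
                if arg.value.lower() in WEAK_NAMES:
                    hits.append((node.lineno, arg.value))
    return sorted(hits)


# Constructed sample input; it is only parsed, never executed.
SAMPLE = '''import hashlib
a = hashlib.md5(b"x")
b = hashlib.new("SHA1", b"x")
c = hashlib.new(name="sha256")
d = hashlib.new("ssl3-md5", b"x")
'''

if __name__ == "__main__":
    print(find_weak_hash_calls(SAMPLE), non_guaranteed(PR_ALIASES))
```

The call on line 5 of the sample is not reported, which is the gap a check limited to the guaranteed names accepts and would need to document.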
