Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

enh: upgrade hashing to SHA-256 for enhanced security #1178

Closed
wants to merge 1 commit into from
Closed

enh: upgrade hashing to SHA-256 for enhanced security #1178

wants to merge 1 commit into from

Conversation

MashyBasker
Copy link

Overview

This pull request updates the hashing algorithms used in the codebase from SHA-1 and MD5 to the more secure SHA-256. The primary motivation behind this change is to enhance the overall security posture of the system by adopting stronger cryptographic standards.

Changes made

  • Updated the existing(insecure) hashing algorithms SHA-1 and MD5 to the more secure SHA-256

Related issues

@MashyBasker
enh: upgrade hashing to SHA-256 for enhanced security
e8d859d 
Signed-off-by: Maharshi Basu <basumaharshi10@gmail.com>
@codecov Codecov
Copy link

codecov bot commented Feb 12, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Comparison is base (0c18028) 70.41% compared to head (e8d859d) 70.38%.

Additional details and impacted files 
@@            Coverage Diff             @@
##           master    #1178      +/-   ##
==========================================
- Coverage   70.41%   70.38%   -0.04%     
==========================================
  Files         174      174              
  Lines       27515    27515              
==========================================
- Hits        19376    19367       -9     
- Misses       8139     8148       +9

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@rahulbaghel007
Copy link

rahulbaghel007 commented Feb 17, 2024
edited

is the issue is resolved ? or need to work to resolve the error related to babel-eslint

@MashyBasker
Copy link
Author

The fields where md5 and sha-1 are used aren't for security and are just used for deterministic values. As for the babel-eslint problem, I have created a PR for it to use bslint, similar to the one in bsock.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Use of Weak Hashing Algorithms (MD5 and SHA1) during Client Initialization
2 participants
@MashyBasker @rahulbaghel007