replace sha1 with sha2-256 #19779
Merged
replace sha1 with sha2-256 #19779
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Foresight Summary
View More Details✅ check-links workflow has finished in 49 seconds and finished at 23rd Mar, 2023.
✅ telemetrygen workflow has finished in 1 minute 10 seconds and finished at 23rd Mar, 2023.
✅ prometheus-compliance-tests workflow has finished in 3 minutes 16 seconds (3 minutes 29 seconds less than
|
| Job | Failed Steps | Tests | |
|---|---|---|---|
| prometheus-compliance-tests | - 🔗 | ✅ 21 ❌ 0 ⏭ 0 🔗 | See Details |
✅ build-and-test workflow has finished in 36 minutes 49 seconds (15 minutes 8 seconds less than main branch avg.) and finished at 23rd Mar, 2023.
| Job | Failed Steps | Tests | |
|---|---|---|---|
| unittest-matrix (1.19, connector) | - 🔗 | ✅ 126 ❌ 0 ⏭ 0 🔗 | See Details |
| unittest-matrix (1.20, connector) | - 🔗 | ✅ 126 ❌ 0 ⏭ 0 🔗 | See Details |
| correctness-metrics | - 🔗 | ✅ 2 ❌ 0 ⏭ 0 🔗 | See Details |
| unittest-matrix (1.19, internal) | - 🔗 | ✅ 583 ❌ 0 ⏭ 0 🔗 | See Details |
| unittest-matrix (1.20, internal) | - 🔗 | ✅ 583 ❌ 0 ⏭ 0 🔗 | See Details |
| correctness-traces | - 🔗 | ✅ 17 ❌ 0 ⏭ 0 🔗 | See Details |
| unittest-matrix (1.20, extension) | - 🔗 | ✅ 543 ❌ 0 ⏭ 0 🔗 | See Details |
| unittest-matrix (1.19, extension) | - 🔗 | ✅ 543 ❌ 0 ⏭ 0 🔗 | See Details |
| unittest-matrix (1.20, processor) | - 🔗 | ✅ 1557 ❌ 0 ⏭ 0 🔗 | See Details |
| unittest-matrix (1.19, processor) | - 🔗 | ✅ 1557 ❌ 0 ⏭ 0 🔗 | See Details |
| unittest-matrix (1.20, receiver-0) | - 🔗 | ✅ 2611 ❌ 0 ⏭ 0 🔗 | See Details |
| unittest-matrix (1.19, receiver-0) | - 🔗 | ✅ 2611 ❌ 0 ⏭ 0 🔗 | See Details |
| unittest-matrix (1.20, exporter) | - 🔗 | ✅ 2499 ❌ 0 ⏭ 0 🔗 | See Details |
| unittest-matrix (1.19, receiver-1) | - 🔗 | ✅ 1965 ❌ 0 ⏭ 0 🔗 | See Details |
| unittest-matrix (1.19, exporter) | - 🔗 | ✅ 2499 ❌ 0 ⏭ 0 🔗 | See Details |
| unittest-matrix (1.20, receiver-1) | - 🔗 | ✅ 1965 ❌ 0 ⏭ 0 🔗 | See Details |
| unittest-matrix (1.19, other) | - 🔗 | ✅ 4762 ❌ 0 ⏭ 0 🔗 | See Details |
| unittest-matrix (1.20, other) | - 🔗 | ✅ 4762 ❌ 0 ⏭ 0 🔗 | See Details |
| integration-tests | - 🔗 | ✅ 55 ❌ 0 ⏭ 0 🔗 | See Details |
| setup-environment | - 🔗 | N/A | See Details |
| checks | - 🔗 | N/A | See Details |
| check-collector-module-version | - 🔗 | N/A | See Details |
| check-codeowners | - 🔗 | N/A | See Details |
| build-examples | - 🔗 | N/A | See Details |
| lint-matrix (receiver-0) | - 🔗 | N/A | See Details |
| lint-matrix (receiver-1) | - 🔗 | N/A | See Details |
| lint-matrix (processor) | - 🔗 | N/A | See Details |
| lint-matrix (exporter) | - 🔗 | N/A | See Details |
| lint-matrix (extension) | - 🔗 | N/A | See Details |
| lint-matrix (connector) | - 🔗 | N/A | See Details |
| lint-matrix (internal) | - 🔗 | N/A | See Details |
| lint-matrix (other) | - 🔗 | N/A | See Details |
| unittest (1.20) | - 🔗 | N/A | See Details |
| unittest (1.19) | - 🔗 | N/A | See Details |
| lint | - 🔗 | N/A | See Details |
| cross-compile (darwin, amd64) | - 🔗 | N/A | See Details |
| cross-compile (darwin, arm64) | - 🔗 | N/A | See Details |
| cross-compile (linux, 386) | - 🔗 | N/A | See Details |
| cross-compile (linux, amd64) | - 🔗 | N/A | See Details |
| cross-compile (linux, arm) | - 🔗 | N/A | See Details |
| cross-compile (linux, arm64) | - 🔗 | N/A | See Details |
| cross-compile (linux, ppc64le) | - 🔗 | N/A | See Details |
| cross-compile (windows, 386) | - 🔗 | N/A | See Details |
| cross-compile (windows, amd64) | - 🔗 | N/A | See Details |
| build-package (deb) | - 🔗 | N/A | See Details |
| build-package (rpm) | - 🔗 | N/A | See Details |
| windows-msi | - 🔗 | N/A | See Details |
| publish-check | - 🔗 | N/A | See Details |
| publish-stable | - 🔗 | N/A | See Details |
| publish-dev | - 🔗 | N/A | See Details |
⭕ build-and-test-windows workflow has finished in 4 seconds (35 minutes 52 seconds less than main branch avg.) and finished at 23rd Mar, 2023.
| Job | Failed Steps | Tests | |
|---|---|---|---|
| windows-unittest-matrix | - 🔗 | N/A | See Details |
| windows-unittest | - 🔗 | N/A | See Details |
✅ load-tests workflow has finished in 7 minutes 29 seconds (4 minutes 19 seconds less than main branch avg.) and finished at 23rd Mar, 2023.
| Job | Failed Steps | Tests | |
|---|---|---|---|
| loadtest (TestTraceAttributesProcessor) | - 🔗 | ✅ 3 ❌ 0 ⏭ 0 🔗 | See Details |
| loadtest (TestIdleMode) | - 🔗 | ✅ 1 ❌ 0 ⏭ 0 🔗 | See Details |
| loadtest (TestMetric10kDPS|TestMetricsFromFile) | - 🔗 | ✅ 6 ❌ 0 ⏭ 0 🔗 | See Details |
| loadtest (TestTraceBallast1kSPSWithAttrs|TestTraceBallast1kSPSAddAttrs) | - 🔗 | ✅ 10 ❌ 0 ⏭ 0 🔗 | See Details |
| loadtest (TestTraceNoBackend10kSPS|TestTrace1kSPSWithAttrs) | - 🔗 | ✅ 8 ❌ 0 ⏭ 0 🔗 | See Details |
| loadtest (TestMetricResourceProcessor|TestTrace10kSPS) | - 🔗 | ✅ 12 ❌ 0 ⏭ 0 🔗 | See Details |
| loadtest (TestBallastMemory|TestLog10kDPS) | - 🔗 | ✅ 18 ❌ 0 ⏭ 0 🔗 | See Details |
| setup-environment | - 🔗 | N/A | See Details |
✅ changelog workflow has finished in 1 minute 36 seconds (43 seconds less than main branch avg.) and finished at 23rd Mar, 2023.
| Job | Failed Steps | Tests | |
|---|---|---|---|
| changelog | - 🔗 | N/A | See Details |
✅ e2e-tests workflow has finished in 12 minutes 48 seconds (2 minutes 13 seconds less than main branch avg.) and finished at 23rd Mar, 2023.
| Job | Failed Steps | Tests | |
|---|---|---|---|
| kubernetes-test (v1.26.0) | - 🔗 | N/A | See Details |
| kubernetes-test (v1.25.3) | - 🔗 | N/A | See Details |
| kubernetes-test (v1.24.7) | - 🔗 | N/A | See Details |
| kubernetes-test (v1.23.13) | - 🔗 | N/A | See Details |
*You can configure Foresight comments in your organization settings page.
atoulme
force-pushed
the
introduce_sha2Hasher
branch
from
a6b0b44 to
ad5e161
Compare
atoulme
force-pushed
the
introduce_sha2Hasher
branch
from
ad5e161 to
1ecbaf3
Compare
atoulme
commented
Mar 18, 2023
codeboten
reviewed
Mar 20, 2023
|
I tend to agree, but I'm not sure. What do you think of my comment here as a way towards handling this? |
Rather than adding another function, i would follow the pattern of using feature gates to control this, the same way as any other breaking changes. |
|
Sorry, I am not familiar with feature gates. I guess this is the doc I can follow. I'll give it a shot. Directions always appreciated. |
I can't find the doc with this info in it, but essentially breaking changes can be done over 3 releases:
|
|
@atoulme the contributing guide in the core repo contains the following details:
|
atoulme
force-pushed
the
introduce_sha2Hasher
branch
from
06d0950 to
09fb1d1
Compare
codeboten
reviewed
Mar 22, 2023
atoulme
force-pushed
the
introduce_sha2Hasher
branch
from
3836fe0 to
b04d8c3
Compare
codeboten
approved these changes
Mar 23, 2023
codeboten
added
the
ready to merge
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description:
Stop using sha-1, a deprecated hashing algorithm which triggers security reports, and use sha2-256 instead.
Link to tracking Issue:
Fixes #4759 and #5576
Testing:
Updated tests
Documentation:
Fix comments in code.