Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support FIPS during poetry publish #8310

Closed
4 tasks done
vpbonev opened this issue Aug 14, 2023 · 1 comment · Fixed by #9101
Closed
4 tasks done

Support FIPS during poetry publish #8310

vpbonev opened this issue Aug 14, 2023 · 1 comment · Fixed by #9101
Labels
kind/bug Something isn't working as expected status/triage This issue needs to be triaged

Comments

@vpbonev
Copy link

vpbonev commented Aug 14, 2023

  • Poetry 1.5.1:
  • Python 3.10:
  • OS 13.5 Ventura:
  • pyproject.toml:
  • I am on the latest stable Poetry version, installed using a recommended method.
  • I have searched the issues of this repo and believe that this is not a duplicate.
  • I have consulted the FAQ and blog for any relevant entries or release notes.
  • If an exception occurs when executing a command, I executed it again in debug mode (-vvv option) and have included the output below.

Issue

This extends FIPS compliance as done in lark-parser/lark#1190
hashlib.md5() is only used to get additional hash alongside with sha256, a passing of usedforsecurity=False is required. This option was introduced in Python 3.9 so we need to make sure we check whether that version is present
@vpbonev vpbonev added kind/bug Something isn't working as expected status/triage This issue needs to be triaged labels Aug 14, 2023
@vpbonev vpbonev mentioned this issue Aug 14, 2023
Closed
2 tasks
@lorengordon lorengordon mentioned this issue Nov 8, 2023
Closed
2 tasks
@Secrus Secrus mentioned this issue Mar 3, 2024
Merged
abn pushed a commit that referenced this issue Mar 3, 2024
@Secrus
publishing: allow publishing under FIPS environments
2478f54 
This change introduces HashManager to disable md5 and blake2 when 
publishing under FIPS enabled environments.

Resolves: #8310
@abn abn closed this as completed in #9101 Mar 3, 2024
@github-actions GitHub Actions
Copy link

github-actions bot commented Apr 3, 2024

This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Apr 3, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
kind/bug Something isn't working as expected status/triage This issue needs to be triaged
Projects
None yet
Milestone
No milestone
1 participant
@vpbonev