9f0f31eb8b
md5 is not an approved algorithm in FIPS mode, and trying to instantiate a hashlib.md5() will fail when the system is running in FIPS mode. md5 is allowed when in a non-security context. There is a plan to add a keyword parameter (usedforsecurity) to hashlib.md5() to annotate whether or not the instance is being used in a security context. In the case where it is not, the instantiation of md5 will be allowed. See https://bugs.python.org/issue9216 for more details. Some downstream python versions already support this parameter. To support these versions, a new encapsulation of md5() has been added to oslo_utils. See https://review.opendev.org/#/c/750031/ This patch is to replace the instances of hashlib.md5() with this new encapsulation, adding an annotation indicating whether the usage is a security context or not. In this case, md5 is computed as one of the object hashes for the purposes of object versioning. Change-Id: Idf36897d690a20d23123950618643d0b9e085f6c Depends-On: https://review.opendev.org/#/c/760160
15 lines
554 B
Plaintext
15 lines
554 B
Plaintext
# The order of packages is significant, because pip processes them in the order
|
|
# of appearance. Changing the order has an impact on the overall integration
|
|
# process, which may cause wedges in the gate later.
|
|
oslo.concurrency>=3.26.0 # Apache-2.0
|
|
oslo.config>=5.2.0 # Apache-2.0
|
|
oslo.context>=2.19.2 # Apache-2.0
|
|
oslo.messaging>=5.29.0 # Apache-2.0
|
|
oslo.serialization!=2.19.1,>=2.18.0 # Apache-2.0
|
|
oslo.utils>=4.7.0 # Apache-2.0
|
|
iso8601>=0.1.11 # MIT
|
|
oslo.log>=3.36.0 # Apache-2.0
|
|
oslo.i18n>=3.15.3 # Apache-2.0
|
|
WebOb>=1.7.1 # MIT
|
|
netaddr>=0.7.18 # BSD
|