Skip to content

deprecate sha1 #526

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

deprecate sha1 #526

wants to merge 1 commit into from

Conversation

miparnisari
Copy link

@miparnisari miparnisari commented Jun 19, 2025
edited
Loading

Description

See https://pkg.go.dev/crypto/sha1

Package sha1 implements the SHA-1 hash algorithm as defined in RFC 3174.

SHA-1 is cryptographically broken and should not be used for secure applications.

See https://go.dev/doc/security/fips140

When GODEBUG=fips140=only is used, in addition to the above, cryptographic algorithms that are not FIPS 140-3 compliant will return an error or panic.

Testing

[17:41:15] ~/Documents/GitHub/mage (sha-1-deprecation) $ golangci-lint run -v --fix -c .golangci.yaml ./...
INFO golangci-lint has version v2.1.5 built with go1.24.2 from (unknown, modified: ?, mod sum: "h1:zDcxV8s7kgQW3cpQiVA633CZJnKN/0iEXibPDWO8sZo=") on (unknown) 
INFO [config_reader] Used config file .golangci.yaml 
INFO [config_reader] Module name "github.com/magefile/mage" 
INFO maxprocs: Leaving GOMAXPROCS=16: CPU quota undefined 
INFO [goenv] Read go env for 4.378708ms: map[string]string{"GOCACHE":"/Users/miparnisari/Library/Caches/go-build", "GOROOT":"/opt/homebrew/opt/go/libexec"} 
INFO [lintersdb] Active 5 linters: [gosec govet ineffassign staticcheck unused] 
INFO [loader] Go packages loading at mode 8767 (compiled_files|deps|exports_file|name|files|imports|types_sizes) took 151.951292ms 
INFO [runner/filename_unadjuster] Pre-built 0 adjustments in 3.087208ms 
INFO [linters_context/goanalysis] analyzers took 153.294077ms with top 10 stages: buildir: 20.738334ms, gosec: 9.982166ms, S1038: 8.685459ms, QF1004: 6.988833ms, directives: 5.814709ms, S1028: 4.775499ms, S1008: 4.747583ms, QF1012: 4.731ms, SA4030: 4.462167ms, QF1010: 4.354916ms 
INFO [runner] processing took 1.71µs with stages: max_same_issues: 292ns, exclusion_paths: 209ns, invalid_issue: 125ns, path_absoluter: 125ns, exclusion_rules: 125ns, path_shortener: 125ns, max_from_linter: 125ns, diff: 84ns, source_code: 84ns, nolint_filter: 83ns, sort_results: 83ns, severity-rules: 83ns, cgo: 42ns, max_per_file_from_linter: 42ns, fixer: 42ns, path_prettifier: 41ns, uniq_by_line: 0s, generated_file_filter: 0s, path_relativity: 0s, filename_unadjuster: 0s 
INFO [runner] linters took 119.495125ms with stages: goanalysis_metalinter: 119.46875ms 
0 issues.
INFO File cache stats: 0 entries of total size 0B 
INFO Memory: 4 samples, avg is 59.7MB, max is 98.2MB 
INFO Execution took 279.233041ms                  
[17:41:17] ~/Documents/GitHub/mage (sha-1-deprecation) $

@miparnisari miparnisari marked this pull request as ready for review June 19, 2025 00:48
@miparnisari
Copy link
Author

Hi @natefinch and @perrito666, could you review this? Thank you 😄

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@miparnisari