Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Generate SimpleDigests object from what metadata offers #1451

Open
cooperlees opened this issue May 3, 2023 · 0 comments
Open

Generate SimpleDigests object from what metadata offers #1451

cooperlees opened this issue May 3, 2023 · 0 comments
Labels
enhancement New feature or request good first issue Good for newcomers help wanted Extra attention is needed

Comments

@cooperlees
Copy link
Contributor

Today in simple.py we hard code a NamedTuple of possible digests and a StrEnum equivalent. I'd like to see if we could refactor this to support any digest that PyPI itself offers in the metadata we use. Bandersnatch (unfortunately) uses the non PEP standard "JSON API".

An example metadata can be seen looking at our bandersnatch project metadata. We can see here that it offers multiple hashes per release. We should allow users of bandersnatch to select any Digest offered there that is PEP691 compliant, i.e. hashlib supports.

This will help us just magically support the next new hash hotness when one of these or all become insecure.
@cooperlees cooperlees added enhancement New feature or request help wanted Extra attention is needed good first issue Good for newcomers labels May 3, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request good first issue Good for newcomers help wanted Extra attention is needed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@cooperlees