diff --git a/superset/key_value/utils.py b/superset/key_value/utils.py
index 6b487c278c0d0..406129232a877 100644
--- a/superset/key_value/utils.py
+++ b/superset/key_value/utils.py
@@ -61,7 +61,7 @@ def decode_permalink_id(key: str, salt: str) -> int:
 def get_uuid_namespace(seed: str) -> UUID:
- md5_obj = md5()
+ md5_obj = md5(usedforsecurity=False)
 md5_obj.update(seed.encode("utf-8"))
 return UUID(md5_obj.hexdigest())
diff --git a/superset/migrations/shared/utils.py b/superset/migrations/shared/utils.py
index 2ae0dfeac158a..e62cac32f31b1 100644
--- a/superset/migrations/shared/utils.py
+++ b/superset/migrations/shared/utils.py
@@ -54,7 +54,7 @@ def table_has_column(table: str, column: str) -> bool:
 uuid_by_dialect = {
 MySQLDialect: "UNHEX(REPLACE(CONVERT(UUID() using utf8mb4), '-', ''))",
- PGDialect: "uuid_in(md5(random()::text || clock_timestamp()::text)::cstring)",
+ PGDialect: "uuid_in(sha256(random()::text || clock_timestamp()::text)::cstring)",
 }
diff --git a/superset/utils/hashing.py b/superset/utils/hashing.py
index fff654263e4a5..2c1e4a17f555d 100644
--- a/superset/utils/hashing.py
+++ b/superset/utils/hashing.py
@@ -21,7 +21,7 @@
 def md5_sha_from_str(val: str) -> str:
- return hashlib.md5(val.encode("utf-8")).hexdigest()
+ return hashlib.md5(val.encode("utf-8"), usedforsecurity=False).hexdigest()
 def md5_sha_from_dict(
diff --git a/superset/utils/public_interfaces.py b/superset/utils/public_interfaces.py
index 85622d1c3b020..33b02915abf10 100644
--- a/superset/utils/public_interfaces.py
+++ b/superset/utils/public_interfaces.py
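Review bot: `usedforsecurity=False` in `get_uuid_namespace` is a promise that no caller relies on this digest for integrity or authentication, and nothing in the new code records that promise. The same applies to `md5_sha_from_str` in superset/utils/hashing.py and to `compute_func_hash` / `compute_class_hash` in superset/utils/public_interfaces.py; the hashing helper is the riskiest because it is generic and its callers are not visible in this diff. I would add a comment or docstring line at each site such as `# MD5 only derives a stable identifier here, not a security value; usedforsecurity=False keeps it usable on FIPS-restricted builds.` The keyword is only accepted by hashlib from Python 3.9, so on an older interpreter these calls would raise `TypeError`; confirm the project's minimum supported version.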
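Review bot: The new `PGDialect` expression in `uuid_by_dialect` is likely to fail on PostgreSQL, because the built-in `sha256()` takes and returns `bytea`, whereas `md5()` accepted the `text` concatenation and returned text. Even with a cast added, a SHA-256 digest is 32 bytes, while `uuid_in` needs the 32 hex characters that `md5()` happened to produce, so the value would be rejected as a UUID. The input is only `random()` and `clock_timestamp()`, so the hash adds no security property here. If the aim is to stop calling `md5()` in the database, `PGDialect: "gen_random_uuid()",` would be a direct replacement (built in from PostgreSQL 13, provided by pgcrypto before that), to be checked against the minimum supported server version. No migration test covering this dict is visible in the diff.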
@@ -40,13 +40,13 @@ def compute_hash(obj: Callable[..., Any]) -> str:
 def compute_func_hash(function: Callable[..., Any]) -> str:
- hashed = md5()
+ hashed = md5(usedforsecurity=False)
 hashed.update(str(signature(function)).encode())
 return b85encode(hashed.digest()).decode("utf-8")
 def compute_class_hash(class_: Callable[..., Any]) -> str:
- hashed = md5()
+ hashed = md5(usedforsecurity=False)
 public_methods = sorted(
 [
 (name, method)