HTHou opened a new pull request, #290: URL: https://github.com/apache/tsfile/pull/290
Fixes [https://github.com/apache/tsfile/security/code-scanning/9](https://github.com/apache/tsfile/security/code-scanning/9) To fix the problem, we need to replace the use of the MD5 algorithm with a stronger, modern cryptographic algorithm. The best way to do this without changing existing functionality is to use SHA-256, which is widely regarded as secure. 1. **General fix:** Replace instances of `MessageDigest.getInstance("MD5")` with `MessageDigest.getInstance("SHA-256")`. 2. **Detailed fix:** Update the `getNormalKeyStr` and `getEncryptParameter` methods to use SHA-256 instead of MD5. 3. **Specific changes:** Modify lines 124 and 157 in the `EncryptUtils.java` file. 4. **Required imports:** No new imports are needed as `MessageDigest` is already imported. _Suggested fixes powered by Copilot Autofix. Review carefully before merging._ -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
