HTHou opened a new pull request, #291: URL: https://github.com/apache/tsfile/pull/291
Fixes [https://github.com/apache/tsfile/security/code-scanning/12](https://github.com/apache/tsfile/security/code-scanning/12) To fix the problem, we need to replace the use of the MD5 algorithm with a stronger, modern cryptographic algorithm such as SHA-256. This involves updating the `MessageDigest.getInstance("MD5")` call to use `SHA-256` instead. The rest of the code logic can remain the same, as SHA-256 provides a similar interface to MD5. **Steps to fix:** 1. Update the `MessageDigest.getInstance("MD5")` call to `MessageDigest.getInstance("SHA-256")` in both `getNormalKeyStr` methods. 2. Ensure that the rest of the code correctly handles the output of the SHA-256 hash, which is longer than the MD5 hash. _Suggested fixes powered by Copilot Autofix. Review carefully before merging._ -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
