#34804: legacy_algorithm = 'sha1' removed in django4.0 but new algo algorithm is hardcoded ------------------------------------------------+------------------------ Reporter: Awais Qureshi | Owner: nobody Type: Cleanup/optimization | Status: new Component: Core (Other) | Version: 4.2 Severity: Normal | Keywords: Triage Stage: Unreviewed | Has patch: 0 Needs documentation: 0 | Needs tests: 0 Patch needs improvement: 0 | Easy pickings: 0 UI/UX: 0 | ------------------------------------------------+------------------------ I am trying to upgrade from django32 to 42 and facing an issue in https://github.com/django/django/blob/3.2/django/core/signing.py#L124
in django32 it is like this # RemovedInDjango40Warning. legacy_algorithm = 'sha1' and in __init__ method it picks the value like this `self.algorithm = algorithm or settings.DEFAULT_HASHING_ALGORITHM` In django42 https://github.com/django/django/blob/4.2.4/django/core/signing.py#L204 algorithm getting value like this self.algorithm = algorithm or "sha256" ( its a hardcoded value and can be pick via settings) So here is my code I am using dump method to `signing.dumps(data_to_sign, salt=self.key_salt)` and it furthers call the `TimestampSigner` So I am not able to find any way to pass the `sha1` which is my current prod setting. Last option for me is to override the class. Proposed solution is like previous one in __init__ method it picks the value like this `self.algorithm = algorithm or settings.DEFAULT_HASHING_ALGORITHM` -- Ticket URL: <https://code.djangoproject.com/ticket/34804> Django <https://code.djangoproject.com/> The Web framework for perfectionists with deadlines. -- You received this message because you are subscribed to the Google Groups "Django updates" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-updates+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/django-updates/0107018a4574aaee-d8dbbccd-51da-497e-a948-3f49442a9f33-000000%40eu-central-1.amazonses.com.