-
-
Notifications
You must be signed in to change notification settings - Fork 8.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[JENKINS-60563] Replace MD5 with SHA-256 in ConsistentHash #5028
[JENKINS-60563] Replace MD5 with SHA-256 in ConsistentHash #5028
Conversation
- Also update outdated link - Reformat some of the code - Adjust the tests - Ignore the performance test - Correct typos
why have it then? |
Used in Jenkins core only :) (description updated) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Replacing the MD5 is a good idea 👍
@@ -183,18 +185,20 @@ public String hash(String str) { | |||
* This test doesn't fail but it's written to measure the performance of the consistent hash function with large data set. | |||
*/ | |||
@Test | |||
@Ignore("Helper test for performance, no assertion") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Fine with me, is the performance difference for this implementation noteworthy?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No tested due to Hash function comparison, the difference should be around 5-10% between MD5 and SHA-256.
It's not like we are moving from MD5 to BCrypt :)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Seems fine, though I wonder if there's a non-cryptographic hash function that would work better for this use case.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Fine with me. Maybe it is a good time to deprecate the class also.
We may merge it in 24 hours if there is no negative feedback. Please see the merge process documentation for more information about the merge process
ℹ️ No usage of that class in the ecosystem (Edit: outside Jenkins core that is using it for Queue)
⚠️ For CloudBees, please check Slack.
See JENKINS-60563.
Proposed changelog entries
Proposed upgrade guidelines
N/A
Submitter checklist
Proposed changelog entries
section only if there are breaking changes or other changes which may require extra steps from users during the upgradeDesired reviewers
Maintainer checklist
Before the changes are marked as
ready-for-merge
:Proposed changelog entries
are correctupgrade-guide-needed
label is set and there is aProposed upgrade guidelines
section in the PR title. (example)lts-candidate
to be considered (see query).