mistercrunch commented on PR #31447: URL: https://github.com/apache/superset/pull/31447#issuecomment-2552440496
> code scan complaints about MD5 Yes but this is not a regression, it's just that I touch the lines/modules that triggers this check. Basically unrelated to this PR, though we may want to review/address or "noqa" it (unclear how to do that with CodeQL). While md5 shouldn't be used where security matters, it's fine to use it to hash things as a basic hash function. For instance the `cache_key` stuff shouldn't matter as we don't retrieve/serve the cache as the endpoint makes sure the user has access to the cache behind pulled. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
