Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

sha-1 vs sha1 #438

Closed
willstott101 opened this issue Nov 22, 2022 · 8 comments
Closed

sha-1 vs sha1 #438

willstott101 opened this issue Nov 22, 2022 · 8 comments

Comments

@willstott101
Copy link

According to this comment the https://crates.io/crates/sha-1 has been deprecated.

I see no indication that it's deprecated on docs.rs, nor crates.io. How is this deprecation meant to be communicated? What's the benefit of the new crate?

Furthermore the README at https://github.com/RustCrypto/hashes/blob/08d677fc9b978320eb3d5c261339f3d72f5f07f6/sha1/README.md appears to point at the sha-1 crate, not sha1, making it look like the last version of sha-1 is the latest version of sha1 😕
@willstott101
Copy link
Author

by "README points at", I mean the shield and link urls to docs & crates.io etc

@newpavlov
Copy link
Member

We plan to release sha1 v0.10.0 and an empty sha-1 v0.10.0 with deprecation notice. Ownership of the sha1 crate was transferred to us after sha-1 v0.9.0 was released, so for now both versions are "active".

I will fix the readme links right away.

@newpavlov newpavlov mentioned this issue Nov 24, 2022
Merged
@newpavlov
Copy link
Member

We probably should also add a deprecation note to the sha-1 crate description and readme on the next release.

@tarcieri
Copy link
Member

We can also add a @rustsec unmaintained crate advisory for sha-1 which notes the new name.

We should probably do the same for ripemd160/ripemd320` too.

@newpavlov
Copy link
Member

newpavlov commented Nov 28, 2022
edited
Loading

I have published sha-1 v0.10.5 with deprecation warnings.

@CryZe
Copy link

CryZe commented Nov 28, 2022
edited
Loading

0.10.5 was a breaking change: snapview/tungstenite-rs#321

@neoeinstein
Copy link

Yep. This just broke a bunch of unrelated builds downstream. Can we get 0.10.5 yanked?

jasonish added a commit to jasonish/suricata that referenced this issue Nov 28, 2022
@jasonish
rust: sha-1 is now sha1
539ca5a 
This is the same crate, but renamed to be more consistent with the
RustCrypto project naming. Some recent discussion is available here:
    RustCrypto/hashes#438
jasonish added a commit to jasonish/suricata that referenced this issue Nov 28, 2022
@jasonish
rust: sha-1 is now sha1
91617f4 
This is the same crate, but renamed to be more consistent with the
RustCrypto project naming. Some recent discussion is available here:

    RustCrypto/hashes#438
@newpavlov
Copy link
Member

newpavlov commented Nov 28, 2022
edited
Loading

Oh... I forgot to do the lib renaming. I will yank v0.10.5 and will do re-release right away.

@ThetaSinner ThetaSinner mentioned this issue Jan 13, 2023
Merged
@jeremyBanks jeremyBanks mentioned this issue Mar 24, 2024
Merged
@newpavlov newpavlov mentioned this issue Mar 31, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@tarcieri @neoeinstein @newpavlov @willstott101 @CryZe