Odd Security hotspot for python - Weak Cryptography


I have a mostly ruby project, with the pymysql (https://github.com/PyMySQL/PyMySQL) library copied into the repository. I am using SonarCloud for scanning.

I am getting the a few security hotspots stating https://rules.sonarsource.com/python/RSPEC-4790 as the issue. They are all about use of sha256 or sha512 in the code. As an example:

Why is the scan alarming about use of sha256 and sha512 when they are both listed in the Recommended Secure Coding Practices?

Is this a false positive or is there something I need to do to remediate this?


Hey there.

Right now, S4790 raised an issue everywhere a hash function is used (even when a secure hash function, like SHA-256, is used).

We know this isn’t ideal and will address this: SONARPY-704


That explains it.
Thank you so much for the quick resolution! :slight_smile:

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.