)]}'
{"/COMMIT_MSG":[{"author":{"_account_id":15343,"name":"Tim Burke","email":"tburke@nvidia.com","username":"tburke"},"change_message_id":"abe49305fd93af50393fd3a8e76f7af3fa290a9a","unresolved":true,"context_lines":[{"line_number":9,"context_line":"We\u0027ve known this would eventually be necessary for a while [1], and"},{"line_number":10,"context_line":"way back in 2017 we started seeing SHA-1 collisions [2]."},{"line_number":11,"context_line":""},{"line_number":12,"context_line":"There\u0027s already a patch for Swfit from 2017[3], and this patch will"},{"line_number":13,"context_line":"update tempest side."},{"line_number":14,"context_line":""},{"line_number":15,"context_line":"[1] https://www.schneier.com/blog/archives/2012/10/when_will_we_se.html"}],"source_content_type":"text/x-gerrit-commit-message","patch_set":1,"id":"eb136f9c_565a0975","line":12,"updated":"2022-03-09 15:55:31.000000000","message":"I\u0027m guessing this should reference https://review.opendev.org/c/openstack/swift/+/525771 ?","commit_id":"9d14b5801a098508b8887c49af9333114069538e"},{"author":{"_account_id":22873,"name":"Martin Kopec","email":"mkopec@redhat.com","username":"mkopec"},"change_message_id":"4dd6ee01cd5fcb650aaa5119287b9b447b2157a3","unresolved":true,"context_lines":[{"line_number":9,"context_line":"We\u0027ve known this would eventually be necessary for a while [1], and"},{"line_number":10,"context_line":"way back in 2017 we started seeing SHA-1 collisions [2]."},{"line_number":11,"context_line":""},{"line_number":12,"context_line":"There\u0027s already a patch for Swfit from 2017[3], and this patch will"},{"line_number":13,"context_line":"update tempest side."},{"line_number":14,"context_line":""},{"line_number":15,"context_line":"[1] https://www.schneier.com/blog/archives/2012/10/when_will_we_se.html"}],"source_content_type":"text/x-gerrit-commit-message","patch_set":1,"id":"310a8f7a_c70dbf5a","line":12,"in_reply_to":"eb136f9c_565a0975","updated":"2022-04-14 09:38:34.000000000","message":"+1","commit_id":"9d14b5801a098508b8887c49af9333114069538e"}],"/PATCHSET_LEVEL":[{"author":{"_account_id":22873,"name":"Martin Kopec","email":"mkopec@redhat.com","username":"mkopec"},"change_message_id":"4dd6ee01cd5fcb650aaa5119287b9b447b2157a3","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":4,"id":"912acae1_b48168e2","updated":"2022-04-14 09:38:34.000000000","message":"I\u0027m ok with deprecating sha1, however I found several other occurrences of hashlib.sha1 in object_storage tests which could be addressed within this patch as well:\nhttps://codesearch.opendev.org/?q\u003dsha1\u0026i\u003dnope\u0026literal\u003dnope\u0026files\u003d\u0026excludeFiles\u003d\u0026repos\u003dopenstack/tempest","commit_id":"310aa01f54e0f65a5cc2c16020f1a67bb3d625e6"},{"author":{"_account_id":30674,"name":"Lukas Piwowarski","email":"lpiwowar@redhat.com","username":"lukas-piwowarski"},"change_message_id":"c596cb68a9180530bb2940781be5b087baa2d982","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":4,"id":"3e51264d_ca3f6d17","updated":"2022-03-31 11:18:48.000000000","message":"Looks good to me if sha256 is enabled for swift by default (which seems it is). ","commit_id":"310aa01f54e0f65a5cc2c16020f1a67bb3d625e6"},{"author":{"_account_id":15343,"name":"Tim Burke","email":"tburke@nvidia.com","username":"tburke"},"change_message_id":"c000e6a9cf22878700e1fe6c5d946d8d6331e785","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":4,"id":"d51a9658_8d9a44d9","in_reply_to":"912acae1_b48168e2","updated":"2022-04-14 15:31:31.000000000","message":"Good call -- at the very least, we should fix up test_object_temp_url_negative.py\n\nThe formpost tests are more of a problem: Swift currently *only* supports sha1 there. We do at least have a patch proposed that expands the set of allowed digests, though: https://review.opendev.org/c/openstack/swift/+/833713","commit_id":"310aa01f54e0f65a5cc2c16020f1a67bb3d625e6"},{"author":{"_account_id":15343,"name":"Tim Burke","email":"tburke@nvidia.com","username":"tburke"},"change_message_id":"8d0897b6d16d516419065b8c32282243de0047cc","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":6,"id":"f50e339b_1562efd0","updated":"2022-05-26 16:08:34.000000000","message":"LGTM -- we can\u0027t really do anything for formpost until Swift supports more than sha1 there, and the patches that add sha256/sha512 support currently transitively depend on this.","commit_id":"7f4779089538b1687c312024fdae8cf767a012ae"},{"author":{"_account_id":22873,"name":"Martin Kopec","email":"mkopec@redhat.com","username":"mkopec"},"change_message_id":"b4bfc70d1b55e5ed94d970a2c2020a53351347d5","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":6,"id":"0a4b5ca0_f3b20242","updated":"2022-06-01 12:59:43.000000000","message":"lgtm, thanks, let\u0027s merge while gates are working","commit_id":"7f4779089538b1687c312024fdae8cf767a012ae"},{"author":{"_account_id":9914,"name":"Ade Lee","email":"alee@redhat.com","username":"alee"},"change_message_id":"2c99475fc7dcfcedb003556a34b399aa9163e03c","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":6,"id":"edb46d21_97e31a67","updated":"2022-05-26 15:50:12.000000000","message":"patch updated - we will handle the formpost tests once the relevant swift patches have been merged.","commit_id":"7f4779089538b1687c312024fdae8cf767a012ae"},{"author":{"_account_id":22873,"name":"Martin Kopec","email":"mkopec@redhat.com","username":"mkopec"},"change_message_id":"9da55308734699f6217702d800091f3f156ebeed","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":6,"id":"17ee3133_dace76e0","updated":"2022-05-26 21:45:34.000000000","message":"recheck","commit_id":"7f4779089538b1687c312024fdae8cf767a012ae"},{"author":{"_account_id":9914,"name":"Ade Lee","email":"alee@redhat.com","username":"alee"},"change_message_id":"f355cb0659bdecbe5fbf21b2d7fb12266921670a","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":6,"id":"192c9849_0a10d989","updated":"2022-05-29 14:41:30.000000000","message":"recheck","commit_id":"7f4779089538b1687c312024fdae8cf767a012ae"},{"author":{"_account_id":22873,"name":"Martin Kopec","email":"mkopec@redhat.com","username":"mkopec"},"change_message_id":"267945595a603bdcd0a5a4ca92c4947565204bb2","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":6,"id":"65956919_8c3211a8","updated":"2022-05-27 13:20:57.000000000","message":"recheck","commit_id":"7f4779089538b1687c312024fdae8cf767a012ae"}],"tempest/api/object_storage/test_object_temp_url.py":[{"author":{"_account_id":15343,"name":"Tim Burke","email":"tburke@nvidia.com","username":"tburke"},"change_message_id":"abe49305fd93af50393fd3a8e76f7af3fa290a9a","unresolved":true,"context_lines":[{"line_number":78,"context_line":""},{"line_number":79,"context_line":"        hmac_body \u003d \u0027%s\\n%s\\n%s\u0027 % (method, expires, path)"},{"line_number":80,"context_line":"        sig \u003d hmac.new("},{"line_number":81,"context_line":"            key.encode(), hmac_body.encode(), hashlib.sha256"},{"line_number":82,"context_line":"        ).hexdigest()"},{"line_number":83,"context_line":""},{"line_number":84,"context_line":"        url \u003d \"%s/%s?temp_url_sig\u003d%s\u0026temp_url_expires\u003d%s\" % (container,"}],"source_content_type":"text/x-python","patch_set":1,"id":"c0821315_b0d8bcf5","line":81,"updated":"2022-03-09 15:55:31.000000000","message":"If we *really* want to get fancy, we could see what algorithms are supported via swift\u0027s /info endpoint: https://docs.openstack.org/api-ref/object-store/?expanded\u003dlist-activated-capabilities-detail#list-activated-capabilities\n\nResponse is a JSON dict; something like\n\n response.json()[\u0027tempurl\u0027].get(\u0027allowed_digests\u0027, [\u0027sha1\u0027])\n\nshould get you the list to choose from and work with any Swift going back to 1.11.0.\n\nOTOH, it\u0027s been like 5 years since Swift added support for sha256/sha512, and the stronger algorithms were enabled by default. Should be a pretty safe assumption that sha256 will be supported.","commit_id":"9d14b5801a098508b8887c49af9333114069538e"},{"author":{"_account_id":6796,"name":"Giulio Fidente","email":"gfidente@redhat.com","username":"gfidente"},"change_message_id":"9e32427440571a1f25fe3dd213e4ab9ad3915d65","unresolved":true,"context_lines":[{"line_number":78,"context_line":""},{"line_number":79,"context_line":"        hmac_body \u003d \u0027%s\\n%s\\n%s\u0027 % (method, expires, path)"},{"line_number":80,"context_line":"        sig \u003d hmac.new("},{"line_number":81,"context_line":"            key.encode(), hmac_body.encode(), hashlib.sha256"},{"line_number":82,"context_line":"        ).hexdigest()"},{"line_number":83,"context_line":""},{"line_number":84,"context_line":"        url \u003d \"%s/%s?temp_url_sig\u003d%s\u0026temp_url_expires\u003d%s\" % (container,"}],"source_content_type":"text/x-python","patch_set":1,"id":"bbfe08f0_88898ff0","line":81,"in_reply_to":"ba7d261e_207a9b00","updated":"2022-07-14 11:58:10.000000000","message":"this would also help with using tempest against ceph/rgw which doesn\u0027t support sha256 (yet); will try that in a follow up patch","commit_id":"9d14b5801a098508b8887c49af9333114069538e"},{"author":{"_account_id":6796,"name":"Giulio Fidente","email":"gfidente@redhat.com","username":"gfidente"},"change_message_id":"0c5945a2f67b115f4d28dd7ee387daf5eea8db09","unresolved":true,"context_lines":[{"line_number":78,"context_line":""},{"line_number":79,"context_line":"        hmac_body \u003d \u0027%s\\n%s\\n%s\u0027 % (method, expires, path)"},{"line_number":80,"context_line":"        sig \u003d hmac.new("},{"line_number":81,"context_line":"            key.encode(), hmac_body.encode(), hashlib.sha256"},{"line_number":82,"context_line":"        ).hexdigest()"},{"line_number":83,"context_line":""},{"line_number":84,"context_line":"        url \u003d \"%s/%s?temp_url_sig\u003d%s\u0026temp_url_expires\u003d%s\" % (container,"}],"source_content_type":"text/x-python","patch_set":1,"id":"7d7d8477_6445876b","line":81,"in_reply_to":"bbfe08f0_88898ff0","updated":"2022-07-14 13:19:34.000000000","message":"this is the follow up patch https://review.opendev.org/c/openstack/tempest/+/849857","commit_id":"9d14b5801a098508b8887c49af9333114069538e"},{"author":{"_account_id":34120,"name":"Andre Aranha","display_name":"afariasa","email":"afariasa@redhat.com","username":"afariasa"},"change_message_id":"11caba43da1097434eacaacb9ee984c96d814dd6","unresolved":true,"context_lines":[{"line_number":78,"context_line":""},{"line_number":79,"context_line":"        hmac_body \u003d \u0027%s\\n%s\\n%s\u0027 % (method, expires, path)"},{"line_number":80,"context_line":"        sig \u003d hmac.new("},{"line_number":81,"context_line":"            key.encode(), hmac_body.encode(), hashlib.sha256"},{"line_number":82,"context_line":"        ).hexdigest()"},{"line_number":83,"context_line":""},{"line_number":84,"context_line":"        url \u003d \"%s/%s?temp_url_sig\u003d%s\u0026temp_url_expires\u003d%s\" % (container,"}],"source_content_type":"text/x-python","patch_set":1,"id":"ba7d261e_207a9b00","line":81,"in_reply_to":"c0821315_b0d8bcf5","updated":"2022-03-30 08:57:41.000000000","message":"Ack. I\u0027ll leave the change to a minimum on this patch, I\u0027ll check this and send another one.\n(I\u0027m quite not sure how to make this call, so it\u0027ll require some time and some tries from my part)","commit_id":"9d14b5801a098508b8887c49af9333114069538e"}]}