Showing content from https://mail.python.org/pipermail/python-dev/2012-January/115330.html below:

[Python-Dev] Hash collision security issue (now public)

Nick Coghlan ncoghlan at gmail.com
Fri Jan 6 01:10:52 CET 2012
On Fri, Jan 6, 2012 at 8:15 AM, Serhiy Storchaka <storchaka at gmail.com> wrote:
> 05.01.12 21:14, Glenn Linderman wrote:
>>
>> So, fixing the vulnerable packages could be a sufficient response,
>> rather than changing the hash function.  How to fix?  Each of those
>> above allocates and returns a dict.  Simply have each of those allocate
>> and return a wrapped dict, which has the following behaviors:
>>
>> i) during __init__, create a local, random, string.
>> ii) for all key values, prepend the string, before passing it to the
>> internal dict.
>
>
> Good idea.

Not a good idea - a lot of the 3rd party tests that depend on dict
ordering are going to be using those modules anyway, so scattering our
solution across half the standard library is needlessly creating
additional work without really reducing the incompatibility problem.
If we're going to change anything, it may as well be the string
hashing algorithm itself.

Cheers,
Nick.

-- 
Nick Coghlan   |   ncoghlan at gmail.com   |   Brisbane, Australia
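
The wrapped dict described in steps i) and ii) of the quoted proposal, as an added illustration; it is not code from this thread or from CPython. The class name SaltedDict, the choice of secrets.token_hex for the random string, and the sample form fields are assumptions.

```python
import secrets
from collections.abc import MutableMapping


class SaltedDict(MutableMapping):
    """Hypothetical wrapper: str keys are stored as <random prefix> + key."""

    def __init__(self, *args, **kwargs):
        # Step i: a local random string, created once per instance.
        self._prefix = secrets.token_hex(8)
        self._data = {}
        self.update(*args, **kwargs)

    def _wrap(self, key):
        if not isinstance(key, str):
            raise TypeError("SaltedDict keys must be str")
        # Step ii: prepend the prefix before the key reaches the internal dict.
        return self._prefix + key

    def __getitem__(self, key):
        try:
            return self._data[self._wrap(key)]
        except KeyError:
            raise KeyError(key) from None  # report the caller's key, not the prefixed one

    def __setitem__(self, key, value):
        self._data[self._wrap(key)] = value

    def __delitem__(self, key):
        try:
            del self._data[self._wrap(key)]
        except KeyError:
            raise KeyError(key) from None

    def __iter__(self):
        # Strip the prefix so callers only ever see their own keys.
        n = len(self._prefix)
        return (k[n:] for k in self._data)

    def __len__(self):
        return len(self._data)


# Constructed sample input: two wrappers fed the same parsed form fields.
fields = [("user", "alice"), ("lang", "en"), ("page", "2")]
a, b = SaltedDict(fields), SaltedDict(fields)
# a == b for callers, but the strings actually hashed by the internal
# dicts differ between the two instances.
```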