On 07/10/2017 03:06 PM, Dennis Kliban wrote: > The upload API for Artifacts is going to allow users to specify the > artifact size and a digest. The Artifact model currently supports 'md5', > 'sha1', 'sha224', 'sha256', 'sha384', and 'sha512' digests. > > Do we want to let users specify more than one digest per upload? e.g. md5 > and sha256? > > Do we want to store all 6 digests for each Artifact?
My hasty thoughts behind those fields: On the upload, the hash is only useful for verifying that the upload succeeded, so only one is necessary (but hey, the paranoid can upload as many as they've got to guard against potential collisions I guess). Once verified, pulp should generate all remaining hashes. A corollary is that Pulp should never store a hash received from a user, or else pulp is potentially storing corrupt data. For fun, take a look at `hashlib.algorithms_guaranteed` in a python2 interpreter, and then compare it to the list of fields you've mentioned to see where that list of hashes came from. Then look at the same thing in a python3, and consider how to deal with that in the data model, particularly taking into account the potential migration pain that comes with adding new supported hash types as the number of artifacts increases.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Pulp-dev mailing list [email protected] https://www.redhat.com/mailman/listinfo/pulp-dev
