Skip to content

Revert "Core: Fix FIPS compliance"#31986

Closed
ghengeveld wants to merge 1 commit into
nextfrom
revert-31806-jeppe/fix-fips-compliance
Closed

Revert "Core: Fix FIPS compliance"#31986
ghengeveld wants to merge 1 commit into
nextfrom
revert-31806-jeppe/fix-fips-compliance

Conversation

@ghengeveld
Copy link
Copy Markdown
Member

@ghengeveld ghengeveld commented Jul 8, 2025
edited by greptile-apps Bot
Loading

Reverts #31806

Greptile Summary

Reverts the FIPS compliance fix that switched hashing from MD5 to SHA256 in FileSystemCache.

  • Reverts change in code/core/src/common/utils/file-cache.ts back to using MD5 instead of SHA256
  • Could impact organizations requiring FIPS compliance as MD5 is not FIPS-compliant
  • May affect build performance and caching behavior due to hash algorithm change

greptile-apps[bot]
greptile-apps Bot reviewed Jul 8, 2025
View reviewed changes
Copy link
Copy Markdown
Contributor

@greptile-apps greptile-apps Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

1 file reviewed, 1 comment
Edit PR Review Bot Settings | Greptile

Comment thread code/core/src/common/utils/file-cache.ts
constructor(options: FileSystemCacheOptions = {}) {
this.prefix = (options.ns || options.prefix || '') + '-';
this.hash_alg = options.hash_alg || 'sha256';
this.hash_alg = options.hash_alg || 'md5';
Copy link
Copy Markdown
Contributor

@greptile-apps greptile-apps Bot Jul 8, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

logic: Reverting to MD5 will break Storybook in FIPS-compliant environments. Consider making SHA256 configurable rather than reverting.

Suggested change
this.hash_alg = options.hash_alg || 'md5';
this.hash_alg = options.hash_alg || 'sha256';

@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Jul 8, 2025

Fails
🚫

PR is not labeled with one of: ["cleanup","BREAKING CHANGE","feature request","bug","documentation","maintenance","build","dependencies"]

Generated by 🚫 dangerJS against 310d7f6

@nx-cloud
Copy link
Copy Markdown

nx-cloud Bot commented Jul 8, 2025
edited
Loading

View your CI Pipeline Execution ↗ for commit 310d7f6

Command Status Duration Result
nx run-many -t check -c production --parallel=7 ✅ Succeeded 1s View ↗
nx run-many -t build -c production --parallel=3 ✅ Succeeded 2s View ↗

☁️ Nx Cloud last updated this comment at 2025-07-08 12:05:23 UTC

@storybook-app-bot
Copy link
Copy Markdown

storybook-app-bot Bot commented Jul 8, 2025
edited
Loading

Package Benchmarks

Commit: 310d7f6, ran on 8 July 2025 at 12:09:20 UTC

No significant changes detected, all good. 👏

@ghengeveld ghengeveld added ci:daily Run the CI jobs that normally run in the daily job. and removed ci:normal ci:daily Run the CI jobs that normally run in the daily job. labels Jul 8, 2025
@ghengeveld ghengeveld closed this Jul 11, 2025
@kasperpeulen kasperpeulen deleted the revert-31806-jeppe/fix-fips-compliance branch April 4, 2026 19:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@greptile-apps greptile-apps[bot] greptile-apps[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

ci:daily Run the CI jobs that normally run in the daily job.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@ghengeveld