On Fri, Jul 31, 2020 at 11:47 AM Carlton Gibson <[email protected]> wrote:
> Add the new setting default to sha1. > Raise a DeprecationWarning unless it’s set to sha256 (so folks can opt-in > to the future.) > Remove setting, and change default to sha256, when 4.0? > > Does that sound right? (Grrr.) > I think this just move the migration problem from 3.2 to 4.0. What about the other way: add a migration setting set to new algorithm, so who really need sha1 can opt-in to old algorithm? -- | Raffaele Salmaso | https://salmaso.org | https://bitbucket.org/rsalmaso | https://github.com/rsalmaso -- You received this message because you are subscribed to the Google Groups "Django developers (Contributions to Django itself)" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/django-developers/CABgH4Jt0xXzXrFO8vAFFbF_zabF6xhFGnnTS1rJi_iWAT9fJRg%40mail.gmail.com.
