Support SHA-256 hash in libravatar URLs
Support for using SHA-256 hash for URLs for libravatar as per https://wiki.libravatar.org/api/ .
Note: Gravatar does not support for SHA-256 hash but only for MD5 (as of 2022-08).
This feature enhancement helps GitLab work in FIPS mode.
Update 2024-01-22
Gravatar now supports SHA256, so you can just use the same digest for both.
Source: https://docs.gravatar.com/general/hash/
It should be feasible to just migrate over the SHA256 without issues in either:
- Gravatar is a centralized service, so there is no concern there.
- Libravatar has had SHA256 support since 2018, so even for self-hosted instances, it should be a relatively safe move. [source]
Resources
- Gravatar: https://en.wikipedia.org/wiki/Gravatar
Edited by Christina Lohr