Make `crypto/md5` a denied import (!311) · Merge requests · GitLab.org / security-products / ci-templates

Brian Williams requested to merge bwill/deny-md5-usage into master May 11, 2022

What does this MR do?

FIPS-enabled cryptographic modules do not allow usage of MD5. This change adds depguard to the golangci-lint configuration and configures it so that importing the crypto/md5 package is not allowed. This will cause any usages of MD5 to fail the CI pipeline.

What are the relevant issue numbers?

https://gitlab.com/groups/gitlab-org/-/epics/8033

Does this MR meet the acceptance criteria?

Tests added for this feature/bug

Edited May 11, 2022 by Brian Williams

Make `crypto/md5` a denied import

What does this MR do?

What are the relevant issue numbers?

Does this MR meet the acceptance criteria?

Merge request reports