Skip to content

Addresed FIPS compliance issues #440

Merged
iainrussell merged 2 commits intoecmwf:masterfrom
xlian-nextgen:master
Jan 27, 2026
Merged

Addresed FIPS compliance issues #440
iainrussell merged 2 commits intoecmwf:masterfrom
xlian-nextgen:master

Conversation

@xlian-nextgen
Copy link
Contributor

@xlian-nextgen xlian-nextgen commented Dec 29, 2025

Due to FIPS(Federal information Processing Standards) newer versions of cfgrib encounter an error during runtime. This issue can be addressed by setting the usedforsecurity flag on hashlib md5 to false. Due to the primary use of this project being an API to support a grib engine for xarray this flag can be set to false.

The code change is based on an issue opened previously
#383

@codecov-commenter
Copy link

codecov-commenter commented Jan 19, 2026
edited
Loading

Codecov Report

❌ Patch coverage is 0% with 5 lines in your changes missing coverage. Please review.
✅ Project coverage is 41.71%. Comparing base (93802ff) to head (b2c2c35).

Files with missing lines Patch % Lines
cfgrib/messages.py 0.00% 5 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##           master     #440      +/-   ##
==========================================
- Coverage   41.78%   41.71%   -0.08%     
==========================================
  Files          26       26              
  Lines        2228     2232       +4     
  Branches      195      195              
==========================================
  Hits          931      931              
- Misses       1297     1301       +4

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@iainrussell
Copy link
Member

iainrussell commented Jan 20, 2026

Hi @xlian-nextgen, many thanks for this contribution - I will merge it, but first can you add a comment with our contributors' agreement text? https://github.com/ecmwf/.github/blob/main/.github/PULL_REQUEST_TEMPLATE.md

@barronh
Copy link

barronh commented Jan 20, 2026

@xlian-nextgen, thanks indeed! With the end-of-life on python3.9, this is starting to pop up in production environments. We have Dockers that fail when they update to newer python.

@xlian-nextgen
Copy link
Contributor Author

xlian-nextgen commented Jan 26, 2026

Description

Contributor Declaration

By opening this pull request, I affirm the following:

  • All authors agree to the Contributor License Agreement.
  • The code follows the project's coding standards.
  • I have performed self-review and added comments where needed.
  • I have added or updated tests to verify that my changes are effective and functional.
  • I have run all existing tests and confirmed they pass.

@xlian-nextgen
Copy link
Contributor Author

xlian-nextgen commented Jan 26, 2026

Thank you for the review, I have added a comment with the contributors' agreement text. Let me know if you need anything else.

@iainrussell iainrussell merged commit 0168c3b into ecmwf:master Jan 27, 2026
136 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

approved-for-ci contributor

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@xlian-nextgen @codecov-commenter @iainrussell @barronh