Skip to content

Make document ID hash algorithm configurable (currently hard-coded MD5) #2425

Description

@dadoonet

SignTool.sign(String) derives Elasticsearch document _ids from file paths using a hard-coded MD5 digest. Two concerns:

  • Sonar flags it as a weak-hash hotspot (java:S4790).
  • Users cannot choose the algorithm.

Why MD5 can't simply be swapped: the digest is the document _id. Changing the algorithm changes every _id → a full reindex for existing users. So MD5 must remain the default for backward compatibility.

Proposal: introduce a setting (e.g. fs.hash_algorithm) letting users opt into a stronger digest (SHA-256…), keeping MD5 as the default. Deprecate the hard-coded sign(String) in favor of a configurable variant, and document the reindex implication when the algorithm is changed.

Context: raised while reducing SonarCloud findings. In the meantime SignTool.sign(String) is annotated @SuppressWarnings("java:S4790") + @Deprecated(since = "2.10") pointing here.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions