Open jonthanon opened 3 years ago
If your company requires you remove references to CC_MD5 then you or your company should fork the library.
Would you accept a PR which adds macros to enable/disable sha1, md5, and untrusted SSL certs? Branch did something similar with IDFA support here and allows users to set BRANCH_EXCLUDE_IDFA_CODE as a preprocessor to remove during build. It would satisfy the ability for users to compile out without having to fork the library. In this case I would have each respected component compile in throwing an exception stating it was disabled during compilation.
Is there any chance of removing this support for MD5 from
RNFetchBlobFS
'shash
function?My company has asked us to remove all references to CC_MD5 (due to MD5 being cryptographically broken and CC_MD5 being deprecated by Apple), regardless of whether it's used for cryptographic purposes or called by our code.
Update: I noticed it's also used here for generating a filename.