scrapinghub/dateparser

dateparser doesn't work in FIPS compliant environments

Open

#1,258 opened on Mar 14, 2025

View on GitHub
 (9 comments) (3 reactions) (0 assignees)Python (443 forks)batch import
Status: Bug confirmedType: Buggood first issue

Repository metrics

Stars
 (2,318 stars)
PR merge metrics
 (Avg merge 397d 12h) (13 merged PRs in 30d)

Description

Many secure environments disable the hashlib.md5 function because it is insecure, the causes the line below to fail making dateparser unusable in these environments:

https://github.com/scrapinghub/dateparser/blob/02bd2e5dd4477b4f6db98c5e98149458eb3cc821/dateparser/conf.py#L52

This can easily be remedied by replacing that line with return hashlib.md5("".join(keys).encode("utf-8"), usedforsecurity=False).hexdigest() which appropriately bypasses the fips security check because dateparser is not using the md5 hash for security applications.

This is a great project, would appreciate it if this fix could be pushed so it becomes useable in FIPS-compliant environments!

Contributor guide