Allow developers to specify hashing algorithm to use for package checksum

[savva1995]

I am using a private package repository Sonatype Nexus Repository Manager version 3.38. This is the version currently supported by my company and i have no other option. Unfortunately, this repo only provides md5 hashes via the simple api. As abhorrent as that is, I think we should be able to use poetry with these legacy systems. This would make poetry more accessible to developers and I am sure many companies are stuck using similar repositories.

Is there any way that a developer could specify a hashing algorithm to use to verify the checksum? Potentially a config option in pyproject.toml?

[dimbleby]

There are several open issues and MRs asking for, or working towards, having poetry support md5 hashes. Search "md5" to find #5670, #6301, #5326, #6490 ... and that's just page one.

Should be safe to close this one as a duplicate.

[github-actions]

This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.