On Fri, May 30, 2003 at 08:41:54PM -0400, Guido van Rossum wrote:
Of course, such programs are already vulnerable to changes in the hash implementation between Python versions (which has happened before).
Is there at least a guarantee that the hashing algorithm won't change in a bugfix release? For instance, can I depend that python222 -c 'print hash(1), hash("a")' python223 -c 'print hash(1), hash("a")' will both output the same thing, even if python23 -c 'print hash(1), hash("a")' and python3000 -c 'print hash(1), hash("a")' may print something different?
That's a reasonable assumption, yes. We realize that changing the hash algorithm is a feature change, even if it is a very subtle one.
For Scott's proposal to work, it would have to change the hash value on every invocation of Python. If not, colliding keys can be found with a Monte Carlo method. Raymond Hettinger