[Python-Dev] Hash collision security issue (now public)

[Ned Batchelder]

On 12/28/2011 9:09 PM, Raymond Hettinger wrote:
> Also, randomizing the hash wreaks havoc on doctests, book examples
> not matching actual dict reprs, and on efforts by users to optimize
> the insertion order into dicts with frequent lookups.
I don't have a strong opinion about what to do about this vulnerability, 
but I know that none of these three reasons are a good reason to not 
change anything.  Dictionary key order has never been guaranteed, and 
changes from time to time.  Any code relying on it is broken to begin 
with. This is one of the reasons not to use doctests in the first place: 
comparing dicts textually has always been silly.

--Ned.