id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
37078	salted_hmac() defaults to SHA-1 algorithm despite SHA-256 being preferred everywhere else	Denny Biasiolli		"The `salted_hmac()` function (`crypto.py:19`) defaults to `algorithm=""sha1""`. While HMAC-SHA1 is not cryptographically broken (HMAC construction is resistant to collision attacks), SHA-1 is deprecated by NIST and modern security standards recommend SHA-256 or stronger for all new applications.

All security-sensitive callers within Django already override this default — `Signer` uses `sha256` (signing.py:193), `PasswordResetTokenGenerator` passes `sha256` explicitly, and session auth hashes use SHA-256. However, any third-party code or custom application calling `salted_hmac()` without specifying an algorithm will silently use SHA-1.

## Steps to Reproduce

1. In any Django project, call:
   ```python
   from django.utils.crypto import salted_hmac
   mac = salted_hmac(""my_salt"", ""my_value"")
   print(mac.digest_size)  # 20 bytes = SHA-1
   ```
2. Observe the HMAC uses SHA-1 without any explicit algorithm selection
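
The following is an added example, not Django's code and not part of the original ticket. It re-creates the `salted_hmac()` construction the ticket describes with the standard library (key = hash(salt + secret), then HMAC over the value) so the 20-byte SHA-1 default can be compared with the 32-byte result when `algorithm='sha256'` is passed, and adds an `ast`-based check that lists `salted_hmac()` calls in a source file that omit the `algorithm` keyword and therefore fall back to the default. The secret and the sample source below are constructed values; the check assumes, as in Django, that `algorithm` is passed as a keyword.

```python
import ast
import hashlib
import hmac


def salted_hmac_like(key_salt, value, secret=b'constructed-secret-key', algorithm='sha1'):
    # Stdlib re-creation of the construction the ticket describes (added
    # example, not Django's implementation): derive the HMAC key by hashing
    # salt + secret, then MAC the value with the same hash. The default
    # algorithm is deliberately 'sha1' to mirror the behaviour being reported.
    hasher = getattr(hashlib, algorithm)
    key = hasher(key_salt + secret).digest()
    return hmac.new(key, msg=value, digestmod=hasher)


def digest_size_for(algorithm=None):
    # MAC length a caller gets: 20 bytes when algorithm is omitted (SHA-1),
    # 32 bytes when 'sha256' is requested explicitly.
    kwargs = {} if algorithm is None else {'algorithm': algorithm}
    return salted_hmac_like(b'my_salt', b'my_value', **kwargs).digest_size


def find_default_algorithm_calls(source):
    # Audit helper: return the line numbers of salted_hmac(...) calls that do
    # not pass algorithm=..., i.e. the callers that silently use the default.
    # Calls that splat **kwargs are left alone because the keyword may be
    # present at runtime.
    tree = ast.parse(source)
    hits = []
    for node in ast.walk(tree):
        if not isinstance(node, ast.Call):
            continue
        func = node.func
        if isinstance(func, ast.Name):
            name = func.id
        elif isinstance(func, ast.Attribute):
            name = func.attr
        else:
            continue
        if name != 'salted_hmac':
            continue
        if any(kw.arg == 'algorithm' or kw.arg is None for kw in node.keywords):
            continue
        hits.append(node.lineno)
    return sorted(hits)


# Constructed sample source (not real project code) with two default calls
# on lines 3 and 5 and one explicit call on line 4.
SAMPLE_SOURCE = '''
from django.utils.crypto import salted_hmac
token = salted_hmac(salt, value)
safe = salted_hmac(salt, value, algorithm='sha256')
other = crypto.salted_hmac(salt, value, secret=key)
'''


if __name__ == '__main__':
    print('default digest size:', digest_size_for())
    print('sha256 digest size:', digest_size_for('sha256'))
    print('calls using the default algorithm on lines:',
          find_default_algorithm_calls(SAMPLE_SOURCE))
```

Running the audit function over a project's own sources (for example by reading each `.py` file and calling `find_default_algorithm_calls`) gives a quick inventory of callers that would change behaviour if the default moved to SHA-256, or that should pass `algorithm='sha256'` explicitly today.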

## Expected Behavior

`salted_hmac()` should default to `""sha256""` to match modern cryptographic best practices and align with Django's own internal usage.

## Actual Behavior

`salted_hmac()` defaults to `algorithm=""sha1""` (line 19 of `crypto.py`)."	Cleanup/optimization	new	Utilities		Normal		security, crypto	Denny Biasiolli	Unreviewed	1	0	0	0	0	0
