diff --git a/bun.lockb b/bun.lockb index 19b2ac41..b77f85b3 100755 Binary files a/bun.lockb and b/bun.lockb differ diff --git a/package.json b/package.json index 2e390e89..c4052b43 100644 --- a/package.json +++ b/package.json @@ -620,14 +620,12 @@ "devDependencies": { "@hono/eslint-config": "^1.0.2", "@hono/node-server": "^1.8.2", - "@types/crypto-js": "^4.1.1", "@types/glob": "^8.0.0", "@types/jsdom": "^21.1.4", "@types/node": "20.11.4", "@types/supertest": "^2.0.12", "@vitest/coverage-v8": "^2.0.5", "arg": "^5.0.2", - "crypto-js": "^4.1.1", "esbuild": "^0.15.12", "eslint": "^9.10.0", "glob": "7.2.3", diff --git a/runtime-tests/fastly/index.test.ts b/runtime-tests/fastly/index.test.ts index 099305db..f8552c87 100644 --- a/runtime-tests/fastly/index.test.ts +++ b/runtime-tests/fastly/index.test.ts @@ -1,4 +1,4 @@ -import { SHA256 } from 'crypto-js' +import { createHash } from 'crypto' import { getRuntimeKey } from '../../src/helper/adapter' import { Hono } from '../../src/index' import { basicAuth } from '../../src/middleware/basic-auth' @@ -62,7 +62,7 @@ describe('Basic Auth Middleware with `hashFunction`', () => { basicAuth({ username, password, - hashFunction: (m: string) => SHA256(m).toString(), + hashFunction: (m: string) => createHash('sha256').update(m).digest('hex'), }) ) diff --git a/src/middleware/basic-auth/index.test.ts b/src/middleware/basic-auth/index.test.ts index 1fc7015a..e64d2db5 100644 --- a/src/middleware/basic-auth/index.test.ts +++ b/src/middleware/basic-auth/index.test.ts @@ -1,4 +1,4 @@ -import { SHA256 } from 'crypto-js' +import { createHash } from 'crypto' import { Hono } from '../../hono' import { basicAuth } from '.' @@ -61,7 +61,7 @@ describe('Basic Auth by Middleware', () => { basicAuth({ username: username, password: password, - hashFunction: (data: string) => SHA256(data).toString(), + hashFunction: (data: string) => createHash('sha256').update(data).digest('hex'), }) ) diff --git a/src/utils/buffer.test.ts b/src/utils/buffer.test.ts index 5fba3b6d..62f80581 100644 --- a/src/utils/buffer.test.ts +++ b/src/utils/buffer.test.ts @@ -1,4 +1,4 @@ -import { SHA256 as sha256CryptoJS } from 'crypto-js' +import { createHash } from 'crypto' import { bufferToFormData, bufferToString, equal, timingSafeEqual } from './buffer' describe('equal', () => { @@ -42,7 +42,11 @@ describe('buffer', () => { expect(await timingSafeEqual(undefined, undefined)).toBe(true) expect(await timingSafeEqual(true, true)).toBe(true) expect(await timingSafeEqual(false, false)).toBe(true) - expect(await timingSafeEqual(true, true, (d: string) => sha256CryptoJS(d).toString())) + expect( + await timingSafeEqual(true, true, (d: boolean) => + createHash('sha256').update(d.toString()).digest('hex') + ) + ) }) it('negative', async () => { diff --git a/yarn.lock b/yarn.lock index da515f14..f143d750 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1,6 +1,6 @@ # THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY. # yarn lockfile v1 -# bun ./bun.lockb --hash: DA11529C7F97C3FF-b3237be4d6b40612-FCFA012DAF0DCABC-52f32378b87f3da5 +# bun ./bun.lockb --hash: 229521234768470F-a4cd9955ab6a6ada-9D052F6AF60C5C4D-0bfb97a3d93af742 "@ampproject/remapping@^2.3.0": @@ -1137,11 +1137,6 @@ resolved "https://registry.npmjs.org/@types/cookiejar/-/cookiejar-2.1.5.tgz" integrity sha512-he+DHOWReW0nghN24E1WUqM0efK4kI9oTqDm6XmK8ZPe2djZ90BSNdGnIyCLzCPw7/pogPlGbzI2wHGGmi4O/Q== -"@types/crypto-js@^4.1.1": - version "4.2.2" - resolved "https://registry.npmjs.org/@types/crypto-js/-/crypto-js-4.2.2.tgz" - integrity sha512-sDOLlVbHhXpAUAL0YHDUUwDZf3iN4Bwi4W6a0W0b+QcAezUbRtH4FVb+9J4h+XFPW7l/gQ9F8qC7P+Ec4k8QVQ== - "@types/estree@1.0.5": version "1.0.5" resolved "https://registry.npmjs.org/@types/estree/-/estree-1.0.5.tgz" @@ -2067,11 +2062,6 @@ cross-spawn@^7.0.0, cross-spawn@^7.0.2, cross-spawn@^7.0.3: shebang-command "^2.0.0" which "^2.0.1" -crypto-js@^4.1.1: - version "4.2.0" - resolved "https://registry.npmjs.org/crypto-js/-/crypto-js-4.2.0.tgz" - integrity sha512-KALDyEYgpY+Rlob/iriUtjV6d5Eq+Y191A5g4UqLAi8CyGP9N1+FdVbkc1SxKc2r4YAYqG8JzO2KGL+AizD70Q== - crypto-random-string@^2.0.0: version "2.0.0" resolved "https://registry.npmjs.org/crypto-random-string/-/crypto-random-string-2.0.0.tgz"