Replace js-sha256 dependency with @noble/hashes in Keycloak JS (keycl…

…oak#15769)
schreibse · Jun 24, 2024 · b853ea1 · b853ea1
1 parent 07081e1
commit b853ea1
Show file tree

Hide file tree

Showing 4 changed files with 12 additions and 11 deletions.
diff --git a/js/libs/keycloak-js/package.json b/js/libs/keycloak-js/package.json
@@ -78,7 +78,7 @@
     "shx": "^0.3.4"
   },
   "dependencies": {
-    "js-sha256": "^0.11.0",
+    "@noble/hashes": "^1.4.0",
     "jwt-decode": "^4.0.0"
   }
 }
diff --git a/js/libs/keycloak-js/rollup.config.ts b/js/libs/keycloak-js/rollup.config.ts
@@ -39,7 +39,7 @@ function defineOptions({
           file: path.join(targetDir, `${file}.mjs`),
         },
       ],
-      external: ["js-sha256", "jwt-decode"],
+      external: ["@noble/hashes", "jwt-decode"],
     },
     // Legacy Universal Module Definition, or “UMD”, with inlined dependencies.
     {

diff --git a/js/libs/keycloak-js/src/keycloak.js b/js/libs/keycloak-js/src/keycloak.js
@@ -14,7 +14,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-import sha256 from 'js-sha256';
+import { sha256 } from '@noble/hashes/sha256';
 import { jwtDecode } from 'jwt-decode';
 
 if (typeof Promise === 'undefined') {

diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml