From b853ea1016d93dd0acb02ebc1e0b14470cfb1fd0 Mon Sep 17 00:00:00 2001
From: sts <sts@guidnew.com>
Date: Fri, 21 Jun 2024 23:36:44 -0500
Subject: [PATCH] Replace js-sha256 dependency with @noble/hashes in Keycloak
 JS (#15769)

---
 js/libs/keycloak-js/package.json     |  2 +-
 js/libs/keycloak-js/rollup.config.ts |  2 +-
 js/libs/keycloak-js/src/keycloak.js  |  2 +-
 pnpm-lock.yaml                       | 17 +++++++++--------
 4 files changed, 12 insertions(+), 11 deletions(-)

diff --git a/js/libs/keycloak-js/package.json b/js/libs/keycloak-js/package.json
index 89ec4ada3ca1..85d241a80b56 100644
--- a/js/libs/keycloak-js/package.json
+++ b/js/libs/keycloak-js/package.json
@@ -78,7 +78,7 @@
     "shx": "^0.3.4"
   },
   "dependencies": {
-    "js-sha256": "^0.11.0",
+    "@noble/hashes": "^1.4.0",
     "jwt-decode": "^4.0.0"
   }
 }
diff --git a/js/libs/keycloak-js/rollup.config.ts b/js/libs/keycloak-js/rollup.config.ts
index 51817df0d557..4e4009787e38 100644
--- a/js/libs/keycloak-js/rollup.config.ts
+++ b/js/libs/keycloak-js/rollup.config.ts
@@ -39,7 +39,7 @@ function defineOptions({
           file: path.join(targetDir, `${file}.mjs`),
         },
       ],
-      external: ["js-sha256", "jwt-decode"],
+      external: ["@noble/hashes", "jwt-decode"],
     },
     // Legacy Universal Module Definition, or “UMD”, with inlined dependencies.
     {
diff --git a/js/libs/keycloak-js/src/keycloak.js b/js/libs/keycloak-js/src/keycloak.js
index 5ad03f510d2a..1aaf1632ba40 100755
--- a/js/libs/keycloak-js/src/keycloak.js
+++ b/js/libs/keycloak-js/src/keycloak.js
@@ -14,7 +14,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-import sha256 from 'js-sha256';
+import { sha256 } from '@noble/hashes/sha256';
 import { jwtDecode } from 'jwt-decode';
 
 if (typeof Promise === 'undefined') {
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
index 358c7938872a..6712175c330f 100644
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -356,9 +356,9 @@ importers:
 
   js/libs/keycloak-js:
     dependencies:
-      js-sha256:
-        specifier: ^0.11.0
-        version: 0.11.0
+      '@noble/hashes':
+        specifier: ^1.4.0
+        version: 1.4.0
       jwt-decode:
         specifier: ^4.0.0
         version: 4.0.0
@@ -1073,6 +1073,10 @@ packages:
       react: ^16.8.0 || ^17.0.0 || ^18.0.0
       react-dom: ^16.8.0 || ^17.0.0 || ^18.0.0
 
+  '@noble/hashes@1.4.0':
+    resolution: {integrity: sha512-V1JJ1WTRUqHHrOSh597hURcMqVKVGL/ea3kv0gSnEdsEZ0/+VyPghM1lMNGc00z7CIQorSvbKpuJkxvuHbvdbg==}
+    engines: {node: '>= 16'}
+
   '@nodelib/fs.scandir@2.1.5':
     resolution: {integrity: sha512-vq24Bq3ym5HEQm2NKCr3yXDwjc7vTsEThRDnkp2DK9p1uqLR+DHurm/NOTo0KG7HYHU7eppKZj3MyqYuMBf62g==}
     engines: {node: '>= 8'}
@@ -3365,9 +3369,6 @@ packages:
   jquery@3.7.1:
     resolution: {integrity: sha512-m4avr8yL8kmFN8psrbFFFmB/If14iN5o9nw/NgnnM+kybDJpRsAynV2BsfpTYrTRysYUdADVD7CkUUizgkpLfg==}
 
-  js-sha256@0.11.0:
-    resolution: {integrity: sha512-6xNlKayMZvds9h1Y1VWc0fQHQ82BxTXizWPEtEeGvmOUYpBRy4gbWroHLpzowe6xiQhHpelCQiE7HEdznyBL9Q==}
-
   js-tokens@4.0.0:
     resolution: {integrity: sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==}
 
@@ -5575,6 +5576,8 @@ snapshots:
       react: 18.3.1
       react-dom: 18.3.1(react@18.3.1)
 
+  '@noble/hashes@1.4.0': {}
+
   '@nodelib/fs.scandir@2.1.5':
     dependencies:
       '@nodelib/fs.stat': 2.0.5
@@ -8212,8 +8215,6 @@ snapshots:
 
   jquery@3.7.1: {}
 
-  js-sha256@0.11.0: {}
-
   js-tokens@4.0.0: {}
 
   js-tokens@9.0.0: {}