Giters

wonday / react-native-pdf

A <Pdf /> component for react-native

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

crypto-js is no longer maintained

briancameron-appsec opened this issue · comments

commented

crypto-js is discontinued. Probably a good idea to switch to using something else as a dependency for SHA.

I notice crypto-js is only used here:

react-native-pdf/index.js

Line 25 in 5df5a1b

const SHA1 = require('crypto-js/sha1');

SHA-1 is considered unsafe and has collision concerns. Shouldn't SHA-256 be used instead these days?