chore: remove crypto-js from dev dependencies (#3447)

package.json

@@ -620,14 +620,12 @@
   "devDependencies": {
     "@hono/eslint-config": "^1.0.2",
     "@hono/node-server": "^1.8.2",
-    "@types/crypto-js": "^4.1.1",
     "@types/glob": "^8.0.0",
     "@types/jsdom": "^21.1.4",
     "@types/node": "20.11.4",
     "@types/supertest": "^2.0.12",
     "@vitest/coverage-v8": "^2.0.5",
     "arg": "^5.0.2",
-    "crypto-js": "^4.1.1",
     "esbuild": "^0.15.12",
     "eslint": "^9.10.0",
     "glob": "7.2.3",

runtime-tests/fastly/index.test.ts

@@ -1,4 +1,4 @@
-import { SHA256 } from 'crypto-js'
+import { createHash } from 'crypto'
 import { getRuntimeKey } from '../../src/helper/adapter'
 import { Hono } from '../../src/index'
 import { basicAuth } from '../../src/middleware/basic-auth'
@@ -62,7 +62,7 @@ describe('Basic Auth Middleware with `hashFunction`', () => {
     basicAuth({
       username,
       password,
-      hashFunction: (m: string) => SHA256(m).toString(),
+      hashFunction: (m: string) => createHash('sha256').update(m).digest('hex'),
     })
   )
 

src/middleware/basic-auth/index.test.ts

@@ -1,4 +1,4 @@
-import { SHA256 } from 'crypto-js'
+import { createHash } from 'crypto'
 import { Hono } from '../../hono'
 import { basicAuth } from '.'
 
@@ -61,7 +61,7 @@ describe('Basic Auth by Middleware', () => {
     basicAuth({
       username: username,
       password: password,
-      hashFunction: (data: string) => SHA256(data).toString(),
+      hashFunction: (data: string) => createHash('sha256').update(data).digest('hex'),
     })
   )
 

src/utils/buffer.test.ts

@@ -1,4 +1,4 @@
-import { SHA256 as sha256CryptoJS } from 'crypto-js'
+import { createHash } from 'crypto'
 import { bufferToFormData, bufferToString, equal, timingSafeEqual } from './buffer'
 
 describe('equal', () => {
@@ -42,7 +42,11 @@ describe('buffer', () => {
     expect(await timingSafeEqual(undefined, undefined)).toBe(true)
     expect(await timingSafeEqual(true, true)).toBe(true)
     expect(await timingSafeEqual(false, false)).toBe(true)
-    expect(await timingSafeEqual(true, true, (d: string) => sha256CryptoJS(d).toString()))
+    expect(
+      await timingSafeEqual(true, true, (d: boolean) =>
+        createHash('sha256').update(d.toString()).digest('hex')
+      )
+    )
   })
 
   it('negative', async () => {

yarn.lock

@@ -1,6 +1,6 @@
 # THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
 # yarn lockfile v1
-# bun ./bun.lockb --hash: DA11529C7F97C3FF-b3237be4d6b40612-FCFA012DAF0DCABC-52f32378b87f3da5
+# bun ./bun.lockb --hash: 229521234768470F-a4cd9955ab6a6ada-9D052F6AF60C5C4D-0bfb97a3d93af742
 
 
 "@ampproject/remapping@^2.3.0":
@@ -1137,11 +1137,6 @@
   resolved "https://registry.npmjs.org/@types/cookiejar/-/cookiejar-2.1.5.tgz"
   integrity sha512-he+DHOWReW0nghN24E1WUqM0efK4kI9oTqDm6XmK8ZPe2djZ90BSNdGnIyCLzCPw7/pogPlGbzI2wHGGmi4O/Q==
 
-"@types/crypto-js@^4.1.1":
-  version "4.2.2"
-  resolved "https://registry.npmjs.org/@types/crypto-js/-/crypto-js-4.2.2.tgz"
-  integrity sha512-sDOLlVbHhXpAUAL0YHDUUwDZf3iN4Bwi4W6a0W0b+QcAezUbRtH4FVb+9J4h+XFPW7l/gQ9F8qC7P+Ec4k8QVQ==
-
 "@types/[email protected]":
   version "1.0.5"
   resolved "https://registry.npmjs.org/@types/estree/-/estree-1.0.5.tgz"
@@ -2067,11 +2062,6 @@ cross-spawn@^7.0.0, cross-spawn@^7.0.2, cross-spawn@^7.0.3:
     shebang-command "^2.0.0"
     which "^2.0.1"
 
-crypto-js@^4.1.1:
-  version "4.2.0"
-  resolved "https://registry.npmjs.org/crypto-js/-/crypto-js-4.2.0.tgz"
-  integrity sha512-KALDyEYgpY+Rlob/iriUtjV6d5Eq+Y191A5g4UqLAi8CyGP9N1+FdVbkc1SxKc2r4YAYqG8JzO2KGL+AizD70Q==
-
 crypto-random-string@^2.0.0:
   version "2.0.0"
   resolved "https://registry.npmjs.org/crypto-random-string/-/crypto-random-string-2.0.0.tgz"