unjs / jiti

Runtime TypeScript and ESM support for Node.js
MIT License

Library is not FIPS 140 compliant #340

Open denver-HJS opened 3 days ago

denver-HJS commented 3 days ago

Environment

NodeJs version: v22.11.0

jiti@latest

Reproduction

(please see bug details referring to the FIPS compliant image described)

Describe the bug

I have a requirement to build my application in a FIPS compliant container, and currently that is not possible due to the use of the deprecated md5 crypto algorithm. Since, from what I can tell, this is used only for creating version hashes, I believe it'd be benign to switch to a more modern algorithm.

Container base image: Chainguard's node-fips image built with Node v22 (see here) which ships with the OpenSSL FIPS provider.

Step 1: Create a Dockerfile that pulls the Chainguard node-fips image, copies this project's source files into the image, and runs the test command

Step 2: Run the `docker build .` command

That results in an error that looks like this:

Error output

```bash
74.45 Error: error:0308010C:digital envelope routines::unsupported
74.45     at new Hash (node:internal/crypto/hash:79:19)
74.45     at createHash (node:crypto:139:10)
74.45     at md5 (/app/node_modules/jiti/dist/jiti.js:1:247005)
74.45     at opts.transform.Object.assign.Object.assign.Object.assign.legacy (/app/node_modules/jiti/dist/jiti.js:1:251648)
74.45     at transform (/app/node_modules/jiti/dist/jiti.js:1:252178)
74.45     at evalModule (/app/node_modules/jiti/dist/jiti.js:1:255358)
74.45     at jiti (/app/node_modules/jiti/dist/jiti.js:1:254371)
74.45     at /app/node_modules/tailwindcss/lib/lib/load-config.js:52:30
74.45     at loadConfig (/app/node_modules/tailwindcss/lib/lib/load-config.js:54:6)
74.45     at getTailwindConfig (/app/node_modules/tailwindcss/lib/lib/setupTrackingContext.js:71:116)
74.45     at tryRunOrWebpackError (/app/node_modules/next/dist/compiled/webpack/bundle5.js:28:312989)
74.45     at __webpack_require_module__ (/app/node_modules/next/dist/compiled/webpack/bundle5.js:28:131165)
74.45     at __nested_webpack_require_153728__ (/app/node_modules/next/dist/compiled/webpack/bundle5.js:28:130607)
74.45     at /app/node_modules/next/dist/compiled/webpack/bundle5.js:28:131454
74.45     at symbolIterator (/app/node_modules/next/dist/compiled/neo-async/async.js:1:14444)
74.45     at done (/app/node_modules/next/dist/compiled/neo-async/async.js:1:14824)
74.45     at Hook.eval [as callAsync] (eval at create (/app/node_modules/next/dist/compiled/webpack/bundle5.js:13:28858), :15:1)
74.45     at /app/node_modules/next/dist/compiled/webpack/bundle5.js:28:130328
74.45     at symbolIterator (/app/node_modules/next/dist/compiled/neo-async/async.js:1:14402)
74.45     at timesSync (/app/node_modules/next/dist/compiled/neo-async/async.js:1:5027)
```

Additional context

I attempted to open a PR to change the utility to use the sha256 algorithm, but I do not appear to have permissions to create a branch. I think it would be pretty simple to change the md5 function to sha256 and use that argument in the Node createHash function.

Logs

No response