LOADING…
0%
Complete changelog

Commit

refactor(security): Use Bun native crypto functions

Commit details

Commit notes

- Replace node:crypto timingSafeEqual with XOR-based constant-time comparison - Use Bun.CryptoHasher for SHA-256 hashing (synchronous, faster) - Use Bun.hash() for timing normalization in length mismatch case - Remove async/await from hashToken and verifyTokenHash (now synchronous) - Update tests to reflect synchronous function signatures

Performance improvement: Bun's native crypto is significantly faster than Web Crypto API's async digest functions.

Co-authored-by: armin.naimi <[email redacted]>

Files changed
3
Lines added
+63
Lines removed
−57
This page is a permanent record of commit 0039c08f.