You are viewing a single comment's thread from:
RE: ihashgen release: A node library that generate hash for SRI
Sounds nice, but why sha384? There are better algos if you are concerned about zero-collisions (which you should be). Forget sha256 and go for something in this answer: https://softwareengineering.stackexchange.com/a/145633
SHA384 is used because of standards. Most of the SRI used SHA384 for that, which are being supported in most browser.
https://www.w3.org/TR/SRI/
Other alternatives would be SHA256, SHA512.
For browser compatability: https://caniuse.com/#search=sri
Ok - thanks for the response (and the cool resources!)