fix: Use sha-384 for integrity (#10657)

--- ## PR-Codex overview The focus of this PR is to update the integrity attributes of external scripts for enhanced security. ### Detailed summary - Updated integrity attribute of TradingView script in `TradingView.tsx` - Updated integrity attribute of webview SDK script in `_app.tsx` > ✨ Ask PR-Codex anything about this PR by commenting with `/codex {your question}`
pancakeswap · Sep 10, 2024 · ecf89ef · ecf89ef
1 parent d7d79b2
commit ecf89ef
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/apps/web/src/components/TradingView.tsx b/apps/web/src/components/TradingView.tsx
@@ -89,7 +89,7 @@ const TradingView = ({ id, symbol }: TradingViewProps) => {
     <Box overflow="hidden" className="tradingview_container">
       <Script
         src="https://s3.tradingview.com/tv.js"
-        integrity="sha256-kYIDvJ8KAurvEZgYL7xBP19dqfZsI978rTedCEmYTk4="
+        integrity="sha384-Ls/9Wo/asvZC1Rnsucma+PcBQWnzFp+TvkhrljOg5qT5BCh4HrRNwrTeXYP9dOcS"
         crossOrigin="anonymous"
         strategy="lazyOnload"
         id="tv.js"

diff --git a/apps/web/src/pages/_app.tsx b/apps/web/src/pages/_app.tsx
@@ -96,7 +96,7 @@ function MyApp(props: AppProps<{ initialReduxState: any; dehydratedState: any }>
           // eslint-disable-next-line @next/next/no-sync-scripts
           <script
             src="https://public.bnbstatic.com/static/js/mp-webview-sdk/webview-v1.0.0.min.js"
-            integrity="sha256-Wqm2Zt2K4YzcLvvyBlJ3HMEQteIpnbt5dJgNDdahXBY="
+            integrity="sha384-PV6Pqh2oiQNNl9jwtcTIue3fwDnP5k80+DaPY8/AS4qxGA91MsE3G91BQ2jQ81oT"
             crossOrigin="anonymous"
             id="mp-webview"
           />