Use SHA-256 instead of SHA-1 for hashing
Default to SHA-256 (or stronger) for any hash; never reach for the cryptographically broken SHA-1, even for non-security identifiers.
Bad example
```js
import { createHash } from 'node:crypto';
const hash = createHash('sha1').update(normalized).digest('hex').slice(0, 8);
```
Explanation (EN)
SHA-1 is collision-broken. Using it signals weak hygiene, can fail security audits, and risks accidental reuse where collisions actually matter.
Explanation (HR)
SHA-1 is broken with respect to collisions. Using it signals poor hygiene, can fail security audits, and risks accidental reuse where collisions really matter.
Good example
```js
import { createHash } from 'node:crypto';
const hash = createHash('sha256').update(normalized).digest('hex').slice(0, 8);
```
Explanation (EN)
SHA-256 is collision-resistant and the safe default; slicing the digest still gives a short, stable identifier.
Explanation (HR)
SHA-256 is collision-resistant and a safe default choice; slicing the digest still gives a short, stable identifier.
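Added example (not from the original rule page): once the digest is sliced, the slice length bounds how often short identifiers collide, so this sketch sizes the slice for an expected number of IDs and checks a batch for duplicates. The helper names and the `record-N` sample keys are assumptions constructed for illustration.

```javascript
// Added example: shortId, collisionProbability, minHexChars and firstDuplicate
// are hypothetical helpers, not part of any project API.
// Load node:crypto whether this file runs as CommonJS or as an ES module.
const { createHash } = typeof require === 'function'
  ? require('node:crypto')
  : process.getBuiltinModule('node:crypto');

// Short identifier in the style of the rule's good example: SHA-256, hex, truncated.
function shortId(input, hexChars = 8) {
  return createHash('sha256').update(input).digest('hex').slice(0, hexChars);
}

// Birthday approximation: chance that at least two of n random IDs of the
// given hex length coincide, p = 1 - exp(-n(n-1) / (2 * 16^hexChars)).
function collisionProbability(n, hexChars) {
  return -Math.expm1(-(n * (n - 1)) / (2 * 16 ** hexChars));
}

// Smallest truncation length (1..64 hex chars) keeping p at or below maxProbability.
function minHexChars(n, maxProbability) {
  for (let k = 1; k <= 64; k++) {
    if (collisionProbability(n, k) <= maxProbability) return k;
  }
  throw new RangeError('a full SHA-256 digest cannot meet this bound');
}

// Uniqueness check for a batch: returns the first two distinct inputs that map
// to the same short ID, or null when every ID is unique.
function firstDuplicate(inputs, hexChars = 8) {
  const seen = new Map();
  for (const input of inputs) {
    const id = shortId(input, hexChars);
    const earlier = seen.get(id);
    if (earlier !== undefined && earlier !== input) return { id, inputs: [earlier, input] };
    seen.set(id, input);
  }
  return null;
}

// Constructed sample data: 70,000 synthetic keys.
const sampleKeys = Array.from({ length: 70000 }, (_, i) => `record-${i}`);
console.log('p(collision), 77,163 IDs at 8 hex chars:', collisionProbability(77163, 8).toFixed(3));
console.log('hex chars for 1e6 IDs at p <= 1e-6:', minHexChars(1e6, 1e-6));
console.log('duplicate at 4 hex chars:', firstDuplicate(sampleKeys, 4));
console.log('duplicate at 64 hex chars:', firstDuplicate(sampleKeys, 64));
```

If the short identifier is used as a key where two inputs must never share an ID, size the slice with `minHexChars` for the expected volume or keep the full digest.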
Exceptions / Tradeoffs (EN)
Only use SHA-1 when forced for interop with an external system that mandates it, and document why.
Exceptions / Tradeoffs (HR)
Use SHA-1 only when you are forced to for interoperability with an external system that requires it, and document why.