Feature Request : Add Hash Function

[andrew-barnett]

Please add a hash function that supports one or more algorithms - such as some of the more common options in this list like SHA-256 or MD5.

My use case only requires a cryptographic hash function, but I'm sure as a general-purpose feature then more types of hash algorithms should be supported.

I propose the hash function always returns a hex-encoded string, though an optional parameter to the hashing function could change that. Alternatively, add @hex or to_hex as an encoding function.

Given:

one: Australia

And we run a command:

yq '.country |= hash("md5")'

it could output

country: 337f7efd9df09b9e309695b7f4276ed8

Things I've considered include:

1. system(command; args) operator #2048
2. custom YAML parser that supports a reviver function
3. complex and unmaintainable mashup of shell, sed and awk

Use case:

Given

• I have a YAML configuration file that contains a combination of banal data and secrets; and
• I would like to compare versions of the config file and show what has changed between versions; and
• I do not want to expose secrets in the output of the comparison.

Then

• I would like to hash all secrets before comparison so that secrets that have changed can be flagged, but only output hashed values so secrets are not exposed (assuming SHA-256 or SHA-512).

For example, given

avatar:
   image: empty.jpg
   username: johndoe
   password: s3cr3t

and

avatar:
   image: empty.jpg
   username: johnQpublic
   password: n3w_s3cr3t

the comparison (yq '.avatar.password |= hash("sha256")' on each file, then diff) would output

 avatar:
    image: empty.jpg
-   username: johndoe
+   username: johnQpublic
-   password: 33a751a343fad897ec20ad9d16b5bd21467db6da0bb5518d667fd0b6c5de1020
+   password: 69aeee1f15a66a56641100e108dbb3cac86c34a20fb99f5a30904c329816e762