build(deps-dev): bump hasha from 5.2.2 to 6.0.0

[dependabot]

Bumps hasha from 5.2.2 to 6.0.0.

Release notes

Sourced from hasha's releases.

v6.0.0

Breaking

• Require Node.js 18 6dda681
• This package is now pure ESM. Please read this.
• Converted the default import to named imports:
  • hasha → hashSync
  • hasha.async → hash
  • hasha.fromStream → hash
  • hasha.fromFile → hashFile
  • hasha.fromFileSync → hashFileSync
  • hasha.stream → hashingStream

sindresorhus/hasha@v5.2.2...v6.0.0

Commits

• 0ea6070 6.0.0
• 6dda681 Require Node.js 18 and move to ESM
• 9214f98 Meta tweaks
• 20f46af Move to GitHub Actions (#38)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dgolovin]

There is a problem with this bump for hasha, need more time to look at it

Error: require() of ES Module /Users/eskimo/Sources/crc-extension/node_modules/hasha/index.js from /Users/eskimo/Sources/crc-extension/dist/extension.cjs not supported. Instead change the require of index.js in /Users/eskimo/Sources/crc-extension/dist/extension.cjs to a dynamic import() which is available in all CommonJS modules.
Stack trace:
Error [ERR_REQUIRE_ESM]: require() of ES Module /Users/eskimo/Sources/crc-extension/node_modules/hasha/index.js from /Users/eskimo/Sources/crc-extension/dist/extension.cjs not supported.
Instead change the require of index.js in /Users/eskimo/Sources/crc-extension/dist/extension.cjs to a dynamic import() which is available in all CommonJS modules.
    at c._load (node:electron/js2c/node_init:2:17025)
    at Function.load2 [as _load] (/Users/eskimo/Sources/podman-desktop/packages/main/dist/index.cjs:77674:29)
    at Module.<anonymous> (/Users/eskimo/Sources/crc-extension/dist/extension.cjs:40:15)

[benoitf]

@dgolovin here is how I did that in Podman Desktop long time ago:
podman-desktop/podman-desktop@8e6debf

[dgolovin]

I think I tried that and other ways to deal with it. It works in dev env, but does not in runtime. For example in dev mode I can use import() and it works, but I get cannot use import() outside of the module error. Will check it again after crc-extension release.

[dgolovin]

here is how I did that in Podman Desktop long time ago:
podman-desktop/podman-desktop@8e6debf

in podman ext hasha is used only in scripts/download.ts and is not included into extension, that's why podman probably is not affected.

[dgolovin]

It works for me now in local env running directly with electron.
Installing from quay.io works too.
It also works if installed from quay.io/nivologd/crc-extension:latest to PD v1.12.0