From e65baae74766df079f949342d6f979a925d92bfa Mon Sep 17 00:00:00 2001
From: Lucas Oliveira <olivmath@protonmail.com>
Date: Sat, 19 Oct 2024 03:26:56 -0300
Subject: [PATCH 1/2] update: hash library to

---
 merkly/utils.py | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/merkly/utils.py b/merkly/utils.py
index 4522666..508e8ee 100644
--- a/merkly/utils.py
+++ b/merkly/utils.py
@@ -3,7 +3,7 @@
 """
 
 from typing import Callable, List, Tuple
-from Crypto.Hash import keccak as cryptodome_keccak
+import keccaky
 import types
 
 
@@ -44,10 +44,8 @@ def keccak(data: bytes) -> bytes:
     ```
     """
 
-    keccak_256 = cryptodome_keccak.new(digest_bits=256)
-    keccak_256.update(data)
+    return keccaky.hash_it_bytes(data)
 
-    return keccak_256.digest()
 
 
 def half(list_item: List[int]) -> Tuple[int, int]:

From eae12bc403fccfe8a5bf058fec186397bc8a00ab Mon Sep 17 00:00:00 2001
From: Lucas Oliveira <olivmath@protonmail.com>
Date: Sat, 19 Oct 2024 03:27:16 -0300
Subject: [PATCH 2/2] update: deps and security report

---
 SECURITY.md    | 12 ++++++++----
 pyproject.toml |  3 ++-
 test/README.md |  8 ++++++++
 3 files changed, 18 insertions(+), 5 deletions(-)

diff --git a/SECURITY.md b/SECURITY.md
index b9ec6e4..4670a5a 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -4,19 +4,23 @@
 
 | Version | Supported |
 | ------- | --------- |
-| > 1.0.0 | ✅        |
-| > 0.8.1 | ✅        |
+| > 1.3.0 | ✅        |
+| 0.8.x   | ❌        |
 | 0.7.x   | ❌        |
 | 0.6.x   | ❌        |
 | 0.5.x   | ❌        |
 | 0.4.x   | ❌        |
 | < 0.4.x | ❌        |
 
-## Reporting a Feature
+## Reporting a Vulnerability (v1.3.0)
+
+- [x] The pyCrypto library and its module keccak are no longer actively maintained and have been deprecated.
+
+## Break change (v1.0.0)
 
 - [x] support `merkletreejs`
 
-## Reporting a Vulnerability
+## Reporting a Vulnerability (v0.8.1)
 
 - [x] pysha3 has deprecated, update to 0.8.1
 
diff --git a/pyproject.toml b/pyproject.toml
index 5179928..334d1da 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "merkly"
-version = "1.2.0"
+version = "1.3.0"
 description = "🌳 The simple and easy implementation of Merkle Tree"
 authors = ["Lucas Oliveira <olivmath@protonmail.com>"]
 repository = "https://github.com/olivmath/merkly.git"
@@ -33,6 +33,7 @@ classifiers = [
     pycryptodome = "^3.19.0"
     pydantic = "^2.9.2"
     python = "^3.8"
+    keccaky = "^0.3.1"
 
 [tool.poetry.dev-dependencies]
     conventional-pre-commit = "^3.0.0"
diff --git a/test/README.md b/test/README.md
index 2217a1a..cc8baf7 100644
--- a/test/README.md
+++ b/test/README.md
@@ -1,2 +1,10 @@
 > [!WARNING]
 > For run tests you need install javascript deps!
+
+
+> [!NOTE]
+> To run just unit tests
+
+```bash
+pytest -m "not benchmark and not merkletreejs" -vv
+```
\ No newline at end of file