Use FIPS Compliant sha256 algorithm for hashing

packages/react-dev-utils/getCSSModuleLocalIdent.js

@@ -25,7 +25,7 @@ module.exports = function getLocalIdent(
   // Create a hash based on a the file location and class name. Will be unique across a project, and close to globally unique.
   const hash = loaderUtils.getHashDigest(
     path.posix.relative(context.rootContext, context.resourcePath) + localName,
-    'md5',
+    'sha256',
     'base64',
     5
   );

packages/react-scripts/config/webpack.config.js

@@ -238,6 +238,8 @@ module.exports = function (webpackEnv) {
               .replace(/\\/g, '/')
         : isEnvDevelopment &&
           (info => path.resolve(info.absoluteResourcePath).replace(/\\/g, '/')),
+      // Some environments disable insecure hash functions like md4,md5
+      hashFunction: 'sha256',
     },
     cache: {
       type: 'filesystem',

packages/react-scripts/config/webpack/persistentCache/createEnvironmentHash.js

@@ -2,7 +2,7 @@
 const { createHash } = require('crypto');
 
 module.exports = env => {
-  const hash = createHash('md5');
+  const hash = createHash('sha256');
   hash.update(JSON.stringify(env));
 
   return hash.digest('hex');