Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
@aws-crypto/sha256-browser
Advanced tools
SHA256 wrapper for browsers that prefers `window.crypto.subtle` but will fall back to a pure JS implementation in @aws-crypto/sha256-js to provide a consistent interface for SHA256.
The @aws-crypto/sha256-browser npm package is a JavaScript implementation of the SHA-256 cryptographic hash function specifically optimized for browser environments. It is part of the AWS SDK for JavaScript and is used to generate SHA-256 hashes of data, which is a common requirement for various security-related operations such as data integrity checks, digital signatures, and password hashing.
Generating SHA-256 hash
This feature allows you to generate a SHA-256 hash of the given data. The code sample demonstrates how to import the Sha256 class, create a new instance, update it with data, and then obtain the digest (the hash) as a promise.
import { Sha256 } from '@aws-crypto/sha256-browser';
async function hashData(data) {
const hash = new Sha256();
hash.update(data);
return hash.digest();
}
const data = new Uint8Array([/* data bytes here */]);
hashData(data).then(digest => {
console.log(digest);
});
Crypto-js is a popular package that provides a variety of cryptographic algorithms including SHA-256. It is not specific to AWS and can be used in both browser and Node.js environments. Compared to @aws-crypto/sha256-browser, crypto-js offers a broader range of cryptographic functions.
js-sha256 is a simple SHA-256 hash function for JavaScript that supports UTF-8 encoding. It is smaller and may be faster than @aws-crypto/sha256-browser but lacks the AWS SDK integration and optimizations for AWS services.
hash.js is a JavaScript hash library that supports several hash functions including SHA-256. It is designed to work in both Node.js and browser environments. While it provides similar functionality to @aws-crypto/sha256-browser, it is not tied to AWS and offers a wider range of hash functions.
SHA256 wrapper for browsers that prefers window.crypto.subtle
but will
fall back to a pure JS implementation in @aws-crypto/sha256-js
to provide a consistent interface for SHA256.
import {Sha256} from '@aws-crypto/sha256-browser'
const hash = new Sha256();
hash.update('some data');
const result = await hash.digest();
npm test
FAQs
SHA256 wrapper for browsers that prefers `window.crypto.subtle` but will fall back to a pure JS implementation in @aws-crypto/sha256-js to provide a consistent interface for SHA256.
We found that @aws-crypto/sha256-browser demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 8 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.