Security News
How Threat Actors are Abusing GitHub’s File Upload Feature to Host Malware
GitHub is susceptible to a CDN flaw that allows attackers to host malware on any public repository.
By Sarah Gooding - Apr 23, 2024
@aws-crypto/supports-web-crypto
Advanced tools
- Version published
- Weekly downloads
- 12M
- increased by2.4%
- Maintainers
- 8
- Install size
- 110 kB
- Created
- Weekly downloads
Package description
What is @aws-crypto/supports-web-crypto?
The @aws-crypto/supports-web-crypto npm package is designed to check if the current runtime environment supports the Web Cryptography API. This is particularly useful for applications that need to perform cryptographic operations in environments where support for Web Crypto might vary, such as in different browsers or Node.js versions. By using this package, developers can ensure that their applications only attempt to use Web Crypto features when they are available, thereby avoiding potential errors in unsupported environments.
What are @aws-crypto/supports-web-crypto's main functionalities?
Checking Web Crypto Support
This feature allows developers to programmatically check if the Web Cryptography API is supported in the current runtime environment. The provided code sample demonstrates how to import the `supportsWebCrypto` function from the package and use it to perform this check. Depending on the result, it logs a message indicating whether or not Web Crypto is supported.
import { supportsWebCrypto } from '@aws-crypto/supports-web-crypto';
if (supportsWebCrypto()) {
console.log('Web Crypto is supported in this environment.');
} else {
console.log('Web Crypto is not supported in this environment.');
}Other packages similar to @aws-crypto/supports-web-crypto
crypto-browserify
The crypto-browserify package is a port of Node.js's crypto module to the browser. While it does not specifically check for Web Crypto support like @aws-crypto/supports-web-crypto, it provides a way to use cryptographic functions in environments that do not support the Web Cryptography API natively. This makes it a useful alternative for developers looking to perform cryptographic operations in a wide range of environments.
webcrypto-liner
Webcrypto-liner is a polyfill for the Web Cryptography API that aims to provide a consistent API across different environments, including those that do not support Web Crypto natively. Unlike @aws-crypto/supports-web-crypto, which checks for support, webcrypto-liner attempts to fill in the gaps when support is lacking. This makes it a complementary solution for ensuring that cryptographic operations can be performed regardless of the environment's native support.
Readme
@aws-crypto/supports-web-crypto
Functions to check web crypto support for browsers.
Usage
import {supportsWebCrypto} from '@aws-crypto/supports-web-crypto';
if (supportsWebCrypto(window)) {
// window.crypto.subtle.encrypt will exist
}
supportsWebCrypto
Used to make sure window.crypto.subtle exists and implements crypto functions
as well as a cryptographic secure random source exists.
supportsSecureRandom
Used to make sure that a cryptographic secure random source exists.
Does not check for window.crypto.subtle.
supportsSubtleCrypto
supportsZeroByteGCM
Test
npm test
FAQs
Provides functions for detecting if the host environment supports the WebCrypto API
The npm package @aws-crypto/supports-web-crypto receives a total of 9,465,306 weekly downloads. As such, @aws-crypto/supports-web-crypto popularity was classified as popular.
We found that @aws-crypto/supports-web-crypto demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 8 open source maintainers collaborating on the project.
Last updated on 16 Oct 2023
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
The Dark Side of Open Source
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
By Sarah Gooding - Apr 19, 2024
Research
Security News
npm Package for ReExt React Components Library Exfiltrates Git Credentials
The Socket Research team found this npm package includes code for collecting sensitive developer information, including your operating system username, Git username, and Git email.
By Sarah Gooding, Socket Research Team - Apr 18, 2024