Big News: Socket raises $60M Series C at a $1B valuation to secure software supply chains for AI-driven development.Announcement →
@pnpm/crypto.hash
Advanced tools
@pnpm/crypto.hash - npm Package Compare versions
+13
-48
@@ -1,50 +0,15 @@ | ||
| "use strict"; | ||
| var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { | ||
| if (k2 === undefined) k2 = k; | ||
| var desc = Object.getOwnPropertyDescriptor(m, k); | ||
| if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) { | ||
| desc = { enumerable: true, get: function() { return m[k]; } }; | ||
| } | ||
| Object.defineProperty(o, k2, desc); | ||
| }) : (function(o, m, k, k2) { | ||
| if (k2 === undefined) k2 = k; | ||
| o[k2] = m[k]; | ||
| })); | ||
| var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { | ||
| Object.defineProperty(o, "default", { enumerable: true, value: v }); | ||
| }) : function(o, v) { | ||
| o["default"] = v; | ||
| }); | ||
| var __importStar = (this && this.__importStar) || function (mod) { | ||
| if (mod && mod.__esModule) return mod; | ||
| var result = {}; | ||
| if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); | ||
| __setModuleDefault(result, mod); | ||
| return result; | ||
| }; | ||
| var __importDefault = (this && this.__importDefault) || function (mod) { | ||
| return (mod && mod.__esModule) ? mod : { "default": mod }; | ||
| }; | ||
| Object.defineProperty(exports, "__esModule", { value: true }); | ||
| exports.createShortHash = createShortHash; | ||
| exports.createHexHash = createHexHash; | ||
| exports.createHash = createHash; | ||
| exports.createHashFromMultipleFiles = createHashFromMultipleFiles; | ||
| exports.createHashFromFile = createHashFromFile; | ||
| exports.createHexHashFromFile = createHexHashFromFile; | ||
| exports.getTarballIntegrity = getTarballIntegrity; | ||
| const crypto = __importStar(require("@pnpm/crypto.polyfill")); | ||
| const fs_1 = __importDefault(require("fs")); | ||
| const graceful_fs_1 = __importDefault(require("@pnpm/graceful-fs")); | ||
| const ssri_1 = __importDefault(require("ssri")); | ||
| function createShortHash(input) { | ||
| import crypto from 'node:crypto'; | ||
| import fs from 'node:fs'; | ||
| import gfs from '@pnpm/fs.graceful-fs'; | ||
| import ssri from 'ssri'; | ||
| export function createShortHash(input) { | ||
| return createHexHash(input).substring(0, 32); | ||
| } | ||
| function createHexHash(input) { | ||
| export function createHexHash(input) { | ||
| return crypto.hash('sha256', input, 'hex'); | ||
| } | ||
| function createHash(input) { | ||
| export function createHash(input) { | ||
| return `sha256-${crypto.hash('sha256', input, 'base64')}`; | ||
| } | ||
| async function createHashFromMultipleFiles(files) { | ||
| export async function createHashFromMultipleFiles(files) { | ||
| if (files.length === 1) { | ||
@@ -56,15 +21,15 @@ return createHashFromFile(files[0]); | ||
| } | ||
| async function createHashFromFile(file) { | ||
| export async function createHashFromFile(file) { | ||
| return createHash(await readNormalizedFile(file)); | ||
| } | ||
| async function createHexHashFromFile(file) { | ||
| export async function createHexHashFromFile(file) { | ||
| return createHexHash(await readNormalizedFile(file)); | ||
| } | ||
| async function readNormalizedFile(file) { | ||
| const content = await fs_1.default.promises.readFile(file, 'utf8'); | ||
| const content = await fs.promises.readFile(file, 'utf8'); | ||
| return content.split('\r\n').join('\n'); | ||
| } | ||
| async function getTarballIntegrity(filename) { | ||
| return (await ssri_1.default.fromStream(graceful_fs_1.default.createReadStream(filename))).toString(); | ||
| export async function getTarballIntegrity(filename) { | ||
| return (await ssri.fromStream(gfs.createReadStream(filename))).toString(); | ||
| } | ||
| //# sourceMappingURL=index.js.map |
+13
-14
| { | ||
| "name": "@pnpm/crypto.hash", | ||
| "version": "1000.2.2", | ||
| "version": "1100.0.0", | ||
| "description": "Generate hashes", | ||
| "keywords": [ | ||
| "pnpm", | ||
| "pnpm10", | ||
| "pnpm11", | ||
| "crypto", | ||
@@ -18,3 +18,3 @@ "hash" | ||
| }, | ||
| "type": "commonjs", | ||
| "type": "module", | ||
| "main": "lib/index.js", | ||
@@ -30,15 +30,14 @@ "types": "lib/index.d.ts", | ||
| "dependencies": { | ||
| "ssri": "10.0.5", | ||
| "@pnpm/crypto.polyfill": "1000.1.0", | ||
| "@pnpm/graceful-fs": "1000.1.0" | ||
| "ssri": "13.0.1", | ||
| "@pnpm/fs.graceful-fs": "1100.0.0" | ||
| }, | ||
| "devDependencies": { | ||
| "@types/ssri": "^7.1.5", | ||
| "@types/tar-stream": "^2.2.3", | ||
| "tar-stream": "^2.2.0", | ||
| "@pnpm/crypto.hash": "1000.2.2", | ||
| "@pnpm/prepare": "1000.0.15" | ||
| "@types/tar-stream": "^3.1.4", | ||
| "tar-stream": "^3.1.7", | ||
| "@pnpm/prepare": "1100.0.0", | ||
| "@pnpm/crypto.hash": "1100.0.0" | ||
| }, | ||
| "engines": { | ||
| "node": ">=18.12" | ||
| "node": ">=22.13" | ||
| }, | ||
@@ -50,6 +49,6 @@ "jest": { | ||
| "lint": "eslint \"src/**/*.ts\" \"test/**/*.ts\"", | ||
| "_test": "jest", | ||
| "test": "pnpm run compile && pnpm run _test", | ||
| "compile": "tsc --build && pnpm run lint --fix" | ||
| "test": "pn compile && pn .test", | ||
| "compile": "tsgo --build && pn lint --fix", | ||
| ".test": "cross-env NODE_OPTIONS=\"$NODE_OPTIONS --experimental-vm-modules --disable-warning=ExperimentalWarning --disable-warning=DEP0169\" jest" | ||
| } | ||
| } |
| {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;AAKA,0CAEC;AAED,sCAEC;AAED,gCAEC;AAED,kEAMC;AAED,gDAEC;AAED,sDAEC;AAOD,kDAEC;AAxCD,8DAA+C;AAC/C,4CAAmB;AACnB,oEAAmC;AACnC,gDAAuB;AAEvB,SAAgB,eAAe,CAAE,KAAa;IAC5C,OAAO,aAAa,CAAC,KAAK,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,CAAA;AAC9C,CAAC;AAED,SAAgB,aAAa,CAAE,KAAa;IAC1C,OAAO,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,KAAK,EAAE,KAAK,CAAC,CAAA;AAC5C,CAAC;AAED,SAAgB,UAAU,CAAE,KAAa;IACvC,OAAO,UAAU,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,KAAK,EAAE,QAAQ,CAAC,EAAE,CAAA;AAC3D,CAAC;AAEM,KAAK,UAAU,2BAA2B,CAAE,KAAe;IAChE,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACvB,OAAO,kBAAkB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAA;IACrC,CAAC;IACD,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC,CAAA;IAC/D,OAAO,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAA;AACrC,CAAC;AAEM,KAAK,UAAU,kBAAkB,CAAE,IAAY;IACpD,OAAO,UAAU,CAAC,MAAM,kBAAkB,CAAC,IAAI,CAAC,CAAC,CAAA;AACnD,CAAC;AAEM,KAAK,UAAU,qBAAqB,CAAE,IAAY;IACvD,OAAO,aAAa,CAAC,MAAM,kBAAkB,CAAC,IAAI,CAAC,CAAC,CAAA;AACtD,CAAC;AAED,KAAK,UAAU,kBAAkB,CAAE,IAAY;IAC7C,MAAM,OAAO,GAAG,MAAM,YAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC,CAAA;IACxD,OAAO,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;AACzC,CAAC;AAEM,KAAK,UAAU,mBAAmB,CAAE,QAAgB;IACzD,OAAO,CAAC,MAAM,cAAI,CAAC,UAAU,CAAC,qBAAG,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAA;AAC3E,CAAC"} |
Fixed alerts
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Improved metrics
- Dependency count
2
-33.33%- Number of low supply chain risk alerts
1
-50%- Is type module
Yes
NaNWorsened metrics
- Total package byte prevSize
4271
-41.47%- Number of package files
5
-16.67%- Lines of code
40
-46.67%Dependency changes
+ Added
@pnpm/fs.graceful-fs@1100.0.0(transitive)+ Added
ssri@13.0.1(transitive)- Removed
@pnpm/crypto.polyfill@1000.1.0- Removed
@pnpm/graceful-fs@1000.1.0- Removed
@pnpm/crypto.polyfill@1000.1.0(transitive)- Removed
@pnpm/graceful-fs@1000.1.0(transitive)- Removed
ssri@10.0.5(transitive)Updated
ssri@13.0.1