Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

asset-hash

Package Overview
Dependencies
Maintainers
1
Versions
56
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

asset-hash

Very fast asset hashing function for using e.g. during front-end deployments.

  • 3.0.2
  • Source
  • npm
  • Socket score

Version published
Weekly downloads
1.2K
decreased by-68.55%
Maintainers
1
Weekly downloads
 
Created
Source

Asset Hash
Sponsored by Version Downloads Build Status Unix Build Status Windows Dependencies

Asset Hash is a quick wrapper around hashing libraries for efficient and fast hashing of asset files like images, web fonts, etc. By default it uses the performance-optimized Metrohash and a Base52 encoding ([a-zA-Z]) which works well for file names and urls and has a larger dictionary than when using hex.

Table of Contents

Installation

NPM

$ npm install asset-hash

Yarn

$ yarn add asset-hash

Speed

For speed comparisons of different algorithms we created a small repository containing the source code and some results. Check it out. TLDR: Modern non-cryptographic hashing could be way faster than cryptographic solutions like MD5 or SHA1. Best algorithm right now for our use cases seems to be MetroHash128. This is why we made it the default.

Usage

There are two main methods: getHash(filePath, options) and getHashedName(filePath, options) and a more traditional class Hasher(options). Both methods return a Promise with there actual hash or hash file name as a result. The class offers the pretty traditional methods update(data) and digest(options) to send data or to retrieve the hash.

Options:

  • hash: Any valid hashing algorithm e.g. metrohash128 (default), metrohash64, xxhash64, xxhash32, sha1, md5, ...
  • encoding: Any valid encoding for built-in digests hex, base64, base62, ...
  • maxLength: Maximum length of returned digest. Keep in mind that this increases collison probability.

For supporting xxhash you have to install the npm module xxhash on your own. Because there are currently issues with Node v12 we decided to remove the direct dependency in this module.

getHash()

import { getHash } from "asset-hash"
getHash("./src/fixtures/font.woff").then((hash) => {
  console.log("Hash:", hash) => "Hash: fXQovA"
})

getHashedName()

The hashed file name replaces the name part of the file with the hash while keeping the file extension.

import { getHashedName } from "asset-hash"
getHashedName("./src/fixtures/font.woff").then((hashedName) => {
  console.log("Hashed Filename:", hashedName) => "Hashed Filename: fXQovA.woff"
})

Class Hasher

import { Hasher } from "asset-hash"
const hasher = new Hasher()
hasher.update(data)
console.log("Hashed Data:", hasher.digest()) => "Hashed Data: XDOPW"

Webpack Example Config

You can use the powerful hashing of AssetHash inside Webpack as well. This leads to a) better performance and b) shorter hashes. Here is an example configuration:

import { Hasher } from "asset-hash"

...

  output: {
    hashFunction: Hasher,
    hashDigest: "base52",
    hashDigestLength: 8
  }

...

For more details please check the official Webpack docs.

License

Apache License; Version 2.0, January 2004

Logo of Sebastian Software GmbH, Mainz, Germany

Copyright 2017-2019
Sebastian Software GmbH

Keywords

FAQs

Package last updated on 01 Oct 2019

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc