Security News
Combatting Alert Fatigue by Prioritizing Malicious Intent
In 2023, data breaches surged 78% from zero-day and supply chain attacks, but developers are still buried under alerts that are unable to prevent these threats.
file-type
Advanced tools
The file-type npm package is used to detect the file type of a Buffer/Uint8Array/ArrayBuffer. It supports many file types including images, audio, video, fonts, and archive formats. It is particularly useful when the file extension is unknown or has been changed, as it checks the file signature against a list of known file types.
Detecting file type from a Buffer
This feature allows you to detect the file type of a file by reading it into a Buffer and using the `fromBuffer` method to determine the file type.
const FileType = require('file-type');
const fs = require('fs');
(async () => {
const buffer = fs.readFileSync('example.png');
const fileType = await FileType.fromBuffer(buffer);
console.log(fileType);
})();
Detecting file type from a stream
This feature allows you to detect the file type of a file by creating a readable stream and using the `fromStream` method to determine the file type.
const FileType = require('file-type');
const fs = require('fs');
(async () => {
const stream = fs.createReadStream('example.png');
const fileType = await FileType.fromStream(stream);
console.log(fileType);
})();
Detecting file type from a file path
This feature allows you to detect the file type directly from a file path using the `fromFile` method.
const FileType = require('file-type');
(async () => {
const fileType = await FileType.fromFile('example.png');
console.log(fileType);
})();
The 'mmmagic' package is an async libmagic binding for node.js for content type detection. It uses magic numbers to detect the file type, similar to file-type, but it requires libmagic to be installed on the system, which can be a downside compared to the pure JavaScript implementation of file-type.
The 'buffer-type' package is another module for detecting the content type of a Buffer. It is less popular and has fewer file signatures compared to file-type, which means it may not recognize as many file types.
The 'file-signature' package allows for identifying file types by checking their magic number signature. It is similar to file-type but has a smaller set of supported file types and a simpler API.
Detect the file type of a Buffer/Uint8Array
The file type is detected by checking the magic number of the buffer.
$ npm install --save file-type
var readChunk = require('read-chunk'); // npm install read-chunk
var fileType = require('file-type');
var buffer = readChunk.sync('unicorn.png', 0, 262);
fileType(buffer);
//=> {ext: 'png', mime: 'image/png'}
or from a remote location:
var http = require('http');
var fileType = require('file-type');
var url = 'http://assets-cdn.github.com/images/spinners/octocat-spinner-32.gif';
http.get(url, function (res) {
res.once('data', function (chunk) {
res.destroy();
console.log(fileType(chunk));
//=> {ext: 'gif', mime: 'image/gif'}
});
});
var xhr = new XMLHttpRequest();
xhr.open('GET', 'unicorn.png');
xhr.responseType = 'arraybuffer';
xhr.onload = function () {
fileType(new Uint8Array(this.response));
//=> {ext: 'png', mime: 'image/png'}
};
xhr.send();
Returns an object (or null
when no match) with:
ext
- one of the supported file typesmime
- the MIME typeType: buffer
(Node.js), uint8array
It only needs the first 262 bytes.
$ npm install --global file-type
$ file-type --help
Usage
file-type <filename>
cat <filename> | file-type
Example
cat unicorn.png | file-type
png
jpg
png
gif
webp
cr2
tif
bmp
jxr
psd
zip
tar
rar
gz
bz2
7z
dmg
mp4
m4v
mid
mkv
webm
mov
avi
wmv
mpg
mp3
m4a
ogg
flac
wav
pdf
epub
exe
swf
rtf
woff
woff2
eot
ttf
otf
ico
flv
ps
xz
sqlite
SVG isn't included as it requires the whole file to be read, but you can get it here.
PR welcome for additional commonly used file types.
MIT © Sindre Sorhus
FAQs
Detect the file type of a file, stream, or data
The npm package file-type receives a total of 17,795,044 weekly downloads. As such, file-type popularity was classified as popular.
We found that file-type demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
In 2023, data breaches surged 78% from zero-day and supply chain attacks, but developers are still buried under alerts that are unable to prevent these threats.
Security News
Solo open source maintainers face burnout and security challenges, with 60% unpaid and 60% considering quitting.
Security News
License exceptions modify the terms of open source licenses, impacting how software can be used, modified, and distributed. Developers should be aware of the legal implications of these exceptions.