Security News
PyPI’s New Archival Feature Closes a Major Security Gap
PyPI now allows maintainers to archive projects, improving security and helping users make informed decisions about their dependencies.
By Sarah Gooding - Jan 30, 2025
New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
fingerprint
Advanced tools
Fingerprint
A Stylus plugin to fingerprint images inside your stylesheets, so browsers can re-download them in case it changes before its expiry date or maximum age, because both fingerprint (and so the URL) changes whenever the file does.
Usage
You can use Fingerprint via the Stylus Javascript API.
var stylus = require('stylus'),
fingerprint = require('fingerprint');
stylus(str).use(fingerprint());
Available Options
the fingerprint function accepts an object of options with the following keys:
strategy: the strategy method to use, see below for more details;literal: the literal string to use along theplainstrategy;paths: an array of paths to where you store your images - it also uses the included paths onstylus;rename: marks if the fingerprint should rename the filename inside your stylesheets or append the fingerprint to the asset URL.
When using the rename option, beware that Fingerprint doesn't move your images around - for now this should be done by some other code, perhaps a part of your deployment script.
The standard behavior is to append the file timestamp to the URL.
Strategies
- timestamp - it uses the mtime of your image. External URLs will be ignore;
- plain - uses the provided literal as fingerprint - useful together with sha hashes;
- md5 - computes the MD5 of the given image.
License
(The MIT License)
Copyright (c) 2011 Lucas Mazza <luc4smazza@gmail.com>
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the 'Software'), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
FAQs
Stylus plugin to append fingerprints to your images
We found that fingerprint demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 0 open source maintainers collaborating on the project.
Package last updated on 22 Jun 2011
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Security News
North Korean APT Lazarus Targets Developers with Malicious npm Package
Malicious npm package postcss-optimizer delivers BeaverTail malware, targeting developer systems; similarities to past campaigns suggest a North Korean connection.
By Kirill Boychenko, Peter van der Zee - Jan 29, 2025
Security News
CISA Brings KEV Data to GitHub
CISA's KEV data is now on GitHub, offering easier access, API integration, commit history tracking, and automated updates for security teams and researchers.
By Sarah Gooding - Jan 29, 2025