Security News
PyPI Introduces Digital Attestations to Strengthen Python Package Security
PyPI now supports digital attestations, enhancing security and trust by allowing package maintainers to verify the authenticity of Python packages.
fingerprintjs2
Advanced tools
Original fingerprintjs library was developed in 2012, it's now impossible to evolve it without breaking backwards compatibilty, so this project will be where all the new development happens.
This project will use significantly more sources for fingerprinting, all of them will be configurable, that is it should be possible to cherry-pick only the options you need or just enable them all.
I'm also paying special attention to IE plugins, popular in China, such as QQ, Baidu and others.
This project will not be backwards compatible with original fingerprintjs.
new Fingerprint2().get(function(result){
console.log(result);
});
var options = {swfPath: '/assets/FontList.swf', excludeUserAgent: true};
new Fingerprint2(options).get(function(result){
console.log(result);
});
Full list of options will be in the wiki. (wip)
To use flash font enumeration, make sure you have swfobject available. If you don't, the library will skip the flash part entirely.
You can view your browser fingerprint locally by starting a webserver and viewing the index.html page. Loading index.html from the filesystem won't work due to Flash's ExternalInterface security restrictions.
To start a web server you can use either Ruby:
ruby -run -e httpd . -p 8080
or Python
# will load on port 8000
python -m SimpleHTTPServer
FAQs
Warning! The library is renamed to @fingerprintjs/fingerprintjs. See https://github.com/fingerprintjs/fingerprintjs to get updates.
The npm package fingerprintjs2 receives a total of 51,499 weekly downloads. As such, fingerprintjs2 popularity was classified as popular.
We found that fingerprintjs2 demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
PyPI now supports digital attestations, enhancing security and trust by allowing package maintainers to verify the authenticity of Python packages.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.