Security News
PyPI Introduces Digital Attestations to Strengthen Python Package Security
PyPI now supports digital attestations, enhancing security and trust by allowing package maintainers to verify the authenticity of Python packages.
folder-hash
Advanced tools
Create a hash checksum over a folder and its content - its children and their content
The folder-hash npm package is used to generate hash values for the contents of a folder. This can be useful for verifying the integrity of files, detecting changes, and ensuring consistency across different environments.
Generate Hash for a Folder
This feature allows you to generate a hash for the contents of a specified folder. The hash can be used to verify the integrity of the folder's contents.
const folderHash = require('folder-hash');
const options = { folders: { include: ['*'] } };
folderHash.hashElement('path/to/folder', options)
.then(hash => console.log(hash))
.catch(error => console.error('Error:', error));
Customizing Hash Options
This feature allows you to customize the hashing options, such as the algorithm, encoding, and which files or folders to include or exclude.
const folderHash = require('folder-hash');
const options = {
algo: 'sha256',
encoding: 'hex',
folders: { exclude: ['node_modules', 'test'] },
files: { include: ['*.js', '*.json'] }
};
folderHash.hashElement('path/to/folder', options)
.then(hash => console.log(hash))
.catch(error => console.error('Error:', error));
The hasha package is a versatile hashing library that can hash strings, buffers, and streams. It supports multiple algorithms and is highly configurable. Unlike folder-hash, hasha does not specifically target folder contents but can be used in conjunction with other tools to achieve similar results.
The built-in Node.js crypto module provides cryptographic functionality, including hashing. While it does not directly support hashing entire folders, it can be used to hash individual files and combined with file system operations to hash folder contents. It offers more control but requires more manual setup compared to folder-hash.
The checksum package is designed to generate checksums for files and directories. It offers similar functionality to folder-hash but with a focus on simplicity and ease of use. It supports various algorithms and can be a good alternative for basic hashing needs.
Create a hash checksum over a folder or a file.
The hashes are propagated upwards, the hash that is returned for a folder is generated over all the hashes of its children.
The hashes are generated with the sha1 algorithm and returned in base64 encoding.
The returned information looks like this:
{ name: 'test',
hash: 'qmUXLCsTQGOEF6p0w9V78MC7sJI=',
children: [
{ name: 'helper',
hash: 'x1CX3yVH3UuLTw7zcSitSs/PbGE=',
children: [
{ name: 'helper.js', hash: 'pHYwd8k/oZV01oABTz9MC8KovkU=' }
] },
{ name: 'test.js', hash: 'L/vqpdQhxmD5w62k24m4TuZJ1PM=' }
]
}
Each file returns a name and a hash, and each folder returns additionally an array of children (file or folder elements).
First, install the dependencies by executing npm install
.
var hasher = require('folder-hash');
// pass element name and folder path separately
hasher.hashElement('node_modules', __dirname).then(function (hash) {
console.log('Result for folder "node_modules" in directory "' + __dirname + '":');
console.log(hash.toString());
});
// pass element path directly
hasher.hashElement(__dirname).then(function (hash) {
console.log('Result for folder "' + __dirname + '":');
console.log(hash.toString());
});
var hasher = require('folder-hash');
// pass element name and folder path separately
hasher.hashElement('node_modules', __dirname, function (error, hash)) {
if (error) return console.error('hashing failed:', error);
console.log('Result for folder "node_modules" in directory "' + __dirname + '":');
console.log(hash.toString());
});
// pass element path directly
hasher.hashElement(__dirname, function (error, hash)) {
if (error) return console.error('hashing failed:', error);
console.log('Result for folder "' + __dirname + '":');
console.log(hash.toString());
});
The behavior is documented and verified in the unit tests. Execute npm test
or mocha test
, and have a look at the test subfolder.
The hashes are the same if:
The hashes are different if:
Content means in this case a folders children - both the files and the subfolders with their children.
The hashes are the same if:
The hashes are different if:
MIT, see LICENSE.txt
FAQs
Create a hash checksum over a folder and its content - its children and their content
The npm package folder-hash receives a total of 167,531 weekly downloads. As such, folder-hash popularity was classified as popular.
We found that folder-hash demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
PyPI now supports digital attestations, enhancing security and trust by allowing package maintainers to verify the authenticity of Python packages.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.