Security News
Django Joins curl in Pushing Back on AI Slop Security Reports
Django has updated its security policies to reject AI-generated vulnerability reports that include fabricated or unverifiable content.
By Sarah Gooding - Jun 30, 2025
🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more →
git-bundle-sha
Advanced tools
git-bundle-sha
Retrieve the git SHA of the commit that most recently touched a list of files.
git-bundle-sha
Retrieve the Git SHA of the latest commit that touched any number of files. Useful in particular with bundling, when you want to identify a collection of files by something like a hash, but tied to something more real (like a Git history.)
Usage
Install using npm:
npm install git-bundle-sha
And then require:
var gitsha = require('git-bundle-sha');
With a list of file paths
gitsha(['lib/server.js', 'lib/common.js', 'helpers/handlebars.js'], function (err, sha) {
if (err) throw err;
console.log('Git SHA: ' + sha);
});
Without a list (get HEAD SHA)
gitsha(function(err, sha) {
if (err) throw err;
console.log('HEAD is at ' + sha);
});
Options
force
Don't read any values from cache (some things, like the submodule list, are cached for performance.) Default = false.
length
Trim the resulting SHA to a specified length. Default = null (no trimming.)
Notes
This works by sub-shelling out to a Git process, so your node process must be able to access git. This also means that it is tied to your project directory at the moment.
Questions
Is this submodule-aware?
Yes. If you are using submodules, any file nested under that submodule directory will have a last-modified SHA that corresponds to the commit that last updated the submodule in the parent project.
FAQs
Retrieve the git SHA of the commit that most recently touched a list of files.
The npm package git-bundle-sha receives a total of 886 weekly downloads. As such, git-bundle-sha popularity was classified as not popular.
We found that git-bundle-sha demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 26 Aug 2014
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
ECMAScript 2025 Finalized with Iterator Helpers, Set Methods, RegExp.escape, and More
ECMAScript 2025 introduces Iterator Helpers, Set methods, JSON modules, and more in its latest spec update approved by Ecma in June 2025.
By Sarah Gooding - Jun 26, 2025
Security News
Node.js Homepage Adds Paid Support Link, Prompting Contributor Pushback
A new Node.js homepage button linking to paid support for EOL versions has sparked a heated discussion among contributors and the wider community.
By Sarah Gooding - Jun 25, 2025