Security News
The Dark Side of Open Source
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
gravatar-url
Advanced tools
Readme
Get the URL to a Gravatar image from an identifier, such as an email
$ npm install gravatar-url
import gravatarUrl from 'gravatar-url';
gravatarUrl('sindresorhus@gmail.com', {size: 200});
//=> 'https://gravatar.com/avatar/d36a92237c75c5337c17b60d90686bf9?size=200'
Type: string
Identifier for which to get the Gravatar image.
This will typically be an email matching a Gravatar profile, but can technically be any string.
The Gravatar service only sees a hash of the identifier, so you could actually use this to get pseudo-random avatars for any entity, e.g. based on its ID.
Note that if the identifier contains an @
, it is assumed to be an email, and will therefore be lower-cased and trimmed before hashing, as per the Gravatar instructions - otherwise it will be hashed as-is.
Type: object
Type: number
Default: 80
Values: 1..2048
Size of the image.
Type: string
Default: This image
Values: Custom URL or 404
, mm
, identicon
, monsterid
, wavatar
, retro
, blank
Image to return if the identifier didn't match any Gravatar profile.
Type: string
Default: g
Values: g
pg
r
x
Allowed rating of the image.
FAQs
Get the URL to a Gravatar image from an identifier, such as an email
The npm package gravatar-url receives a total of 16,316 weekly downloads. As such, gravatar-url popularity was classified as popular.
We found that gravatar-url demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
Research
Security News
The Socket Research team found this npm package includes code for collecting sensitive developer information, including your operating system username, Git username, and Git email.
Security News
OpenJS is warning of social engineering takeovers targeting open source projects after receiving a credible attempt on the foundation.