Product
Go Support Is Now Generally Available
Socket's Go support is now generally available, bringing automatic scanning and deep code analysis to all users with Go projects.
By Peter van der Zee, Ryan Eberhardt - Apr 17, 2025
You're Invited: Meet the Socket team at BSidesSF and RSAC - April 27 - May 1.RSVP →
gulp-hash 
Cachebust your assets by adding a hash to the filename
npm install --save-dev gulp-hash
Basic usage
var hash = require('gulp-hash');
gulp.src('./js/**/*.js')
.pipe(hash()) // Add hashes to the files' names
.pipe(gulp.dest('public/js')) // Write the renamed files
.pipe(hash.manifest('public/assets.json', { // Generate the manifest file
deleteOld: true,
sourceDir: __dirname + '/public/js'
}))
.pipe(gulp.dest('.')); // Write the manifest file (see note below)
The "manifest" is a JSON file that maps the original filenames to the renamed ones.
Note: It is recommended to use the full relative path to the manifest file in hash.manifest() as opposed to setting it in gulp.dest(). This is so the append option is able find the original manifest file. The example above demonstrates this.
Streaming
The plugin fully supports both buffers and streams. If you encounter any problems, please open an issue on GitHub and I'll look into it!
API
hash(options)
| Option | Default | Description |
|---|---|---|
| algorithm | 'sha1' | A hashing algorithm for crypto.createHash |
| hashLength | 8 | The length of the hash to add to the file's name (slice from the start of the full hash) |
| template | '<%= name %>-<%= hash %><%= ext %>' | The template used when adding the hash |
| version | '' | A key to change the files' hashes without actually changing their content; appended to the contents when hashing |
hash.manifest(manifestPath, options)
| Parameter | Default | Description |
|---|---|---|
| manifestPath | (none) | The desired path to the manifest file |
| options.append | true | Whether to merge the new manifest with an existing one's contents (same filename, doesn't have to exist before first run) |
| options.space | null | The space parameter for JSON.stringify() |
| options.deleteOld | false | If set to true, deletes old versions of hashed files |
| options.sourceDir | __dirname | Used with deleteOld. Specifies where to search for old files to delete. |
hash.manifest(manifestPath, append, space)
| Parameter | Default | Description |
|---|---|---|
| manifestPath | (none) | The desired path to the manifest file |
| append | true | (optional) Whether to merge the new manifest with an existing one's contents (same filename, doesn't have to exist before first run) |
| space | undefined | (optional) The space parameter for JSON.stringify() |
FAQs
Cachebust your assets by adding a hash to the filename
The npm package gulp-hash receives a total of 4,409 weekly downloads. As such, gulp-hash popularity was classified as popular.
We found that gulp-hash demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 14 Jan 2018
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
vlt Launches Real-Time Dependency Analysis Powered by Socket
vlt adds real-time security selectors powered by Socket, enabling developers to query and analyze package risks directly in their dependency graph.
By Sarah Gooding - Apr 17, 2025
Security News
CISA Extends MITRE Contract as Crisis Accelerates Alternative CVE Coordination Efforts
CISA extended MITRE’s CVE contract by 11 months, avoiding a shutdown but leaving long-term governance and coordination issues unresolved.
By Sarah Gooding - Apr 16, 2025