Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
multihashes
Advanced tools
The 'multihashes' npm package provides utilities for creating, decoding, and working with multihashes. Multihashes are self-describing hashes that include information about the hash function used and the length of the hash, making them useful for decentralized systems and content-addressable storage.
Encoding a hash
This feature allows you to encode a hash using a specified hash function. In this example, a SHA-256 hash is encoded into a multihash.
const multihashes = require('multihashes');
const hash = Buffer.from('1220' + 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', 'hex');
const encoded = multihashes.encode(hash, 'sha2-256');
console.log(encoded.toString('hex'));
Decoding a multihash
This feature allows you to decode a multihash to retrieve the original hash and the hash function used. The example decodes a SHA-256 multihash.
const multihashes = require('multihashes');
const encoded = Buffer.from('1220e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', 'hex');
const decoded = multihashes.decode(encoded);
console.log(decoded);
Validating a multihash
This feature allows you to validate a multihash to ensure it is correctly formatted. The example checks if a given multihash is valid.
const multihashes = require('multihashes');
const encoded = Buffer.from('1220e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', 'hex');
const isValid = multihashes.validate(encoded);
console.log(isValid);
The 'multibase' package provides utilities for encoding and decoding data in various base encodings. It is similar to 'multihashes' in that it deals with encoding schemes, but it focuses on base encodings rather than hash functions.
The 'multicodec' package provides a way to self-describe content with a compact codec identifier. It is similar to 'multihashes' in that it includes metadata about the content, but it focuses on codec identifiers rather than hash functions.
The 'multiformats' package is a collection of self-describing protocol formats, including multihash, multibase, and multicodec. It provides a more comprehensive suite of tools compared to 'multihashes', which focuses solely on multihashes.
multihash implementation in node.js
This is the multihash implementation in Node.
$ npm install --save multihashes # node the name of the module is multihashes
The code published to npm that gets loaded on require is in fact an ES5 transpiled version with the right shims added. This means that you can require it and use with your favourite bundler without having to adjust asset management process.
var multihashes = require('multihashes')
<script>
tagLoading this module through a script tag will make the Multihashes
obj available in the global namespace.
<script src="https://unpkg.com/multihashes/dist/index.min.js"></script>
<!-- OR -->
<script src="https://unpkg.com/multihashes/dist/index.js"></script>
You will need to use Node.js Buffer
API compatible, if you are running inside the browser, you can access it by multihash.Buffer
or you can install Feross's Buffer.
> var multihash = require('multihashes')
> var buf = new Buffer('0beec7b5ea3f0fdbc95d0dd47f3c5bc275da8a33', 'hex')
> var encoded = multihash.encode(buf, 'sha1')
> console.log(encoded)
<Buffer 11 14 0b ee c7 b5 ea 3f 0f db c9 5d 0d d4 7f 3c 5b c2 75 da 8a 33>
> multihash.decode(encoded)
{ code: 17,
name: 'sha1',
length: 20,
digest: <Buffer 0b ee c7 b5 ea 3f 0f db c9 5d 0d d4 7f 3c 5b c2 75 da 8a 33> }
https://multiformats.github.io/js-multihash/
Captain: @diasdavid.
Contributions welcome. Please check out the issues.
Check out our contributing document for more information on how we work, and about contributing in general. Please be aware that all interactions related to multiformats are subject to the IPFS Code of Conduct.
Small note: If editing the README, please conform to the standard-readme specification.
MIT © 2016 Protocol Labs Inc.
0.3.2 (2017-01-27)
<a name="0.3.1"></a>
FAQs
multihash implementation
The npm package multihashes receives a total of 188,130 weekly downloads. As such, multihashes popularity was classified as popular.
We found that multihashes demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.