Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
The ohash npm package is a utility library for handling objects and hashes in JavaScript. It provides a variety of functions to manipulate and work with objects, including creating hashes, deep cloning, and merging objects.
Creating hashes from objects
This feature allows you to create a unique hash string from a JavaScript object. It is useful for identifying objects or storing them in a hash table.
const ohash = require('ohash');
const myObject = { name: 'John', age: 30 };
const hash = ohash.hash(myObject);
console.log(hash);
Deep cloning objects
This feature provides a method to create a deep clone of an object, ensuring that nested objects are also cloned rather than just copying references.
const ohash = require('ohash');
const original = { name: 'John', details: { age: 30, city: 'New York' } };
const cloned = ohash.clone(original);
console.log(cloned);
Merging objects
This feature allows you to merge two or more objects into a single object, combining their properties. If properties overlap, the last object's properties will take precedence.
const ohash = require('ohash');
const object1 = { name: 'John' };
const object2 = { age: 30 };
const mergedObject = ohash.merge(object1, object2);
console.log(mergedObject);
Lodash is a comprehensive utility library that offers similar functionalities to ohash, such as deep cloning and merging objects. Lodash is more extensive and widely used in the industry, providing a broader range of functions and better performance optimizations.
Deepmerge is a package specifically designed for merging objects deeply. While ohash provides this functionality, deepmerge offers more advanced options for controlling the merge process, such as array concatenation and custom merge functions.
Super fast hashing library written in Vanilla JS
Install package:
# npm
npm install ohash
# yarn
yarn add ohash
# pnpm
pnpm install ohash
Import:
// ESM
import { hash, objectHash, murmurHash, sha256 } from "ohash";
// CommonJS
const { hash, objectHash, murmurHash, sha256 } = require("ohash");
hash(object, options?)
Converts object value into a string hash using objectHash
and then applies sha256
with Base64 encoding (trimmed by length of 10).
Usage:
import { hash } from "ohash";
// "dZbtA7f0lK"
console.log(hash({ foo: "bar" }));
objectHash(object, options?)
Converts a nest object value into a stable and safe string for hashing.
Usage:
import { objectHash } from "ohash";
// "object:1:string:3:foo:string:3:bar,"
console.log(objectHash({ foo: "bar" }));
isEqual(obj1, obj2, options?)
Compare two objects using reference equality and stable object hashing.
Usage:
import { isEqual } from "ohash";
// true
console.log(isEqual({ a: 1, b: 2 }, { b: 2, a: 1 }));
diff(obj1, obj2, options?)
Compare two objects with nested hashing. Returns an array of changes.
Returned value is an array of diff entries with $key
, $hash
, $value
and $props
. When logging, a string version of changelog is displayed.
Usage:
import { diff } from "ohash";
const createObject = () => ({
foo: "bar",
nested: {
y: 123,
bar: {
baz: "123",
},
},
});
const obj1 = createObject();
const obj2 = createObject();
obj2.nested.x = 123;
delete obj2.nested.y;
obj2.nested.bar.baz = 123;
const diff = diff(obj1, obj2);
// [-] Removed nested.y
// [~] Changed nested.bar.baz from "123" to 123
// [+] Added nested.x
console.log(diff(obj1, obj2));
murmurHash(str)
Converts input string (of any length) into a 32-bit positive integer using MurmurHash3.
Usage:
import { murmurHash } from "ohash";
// "427197390"
console.log(murmurHash("Hello World"));
sha256
Create a secure SHA 256 digest from input string.
import { sha256 } from "ohash";
// "a591a6d40bf420404a011733cfb7b190d62c65bf0bcda32b57b277d9ad9f146e"
console.log(sha256("Hello World"));
sha256base64
Create a secure SHA 256 digest in Base64 encoding from input string.
import { sha256base64 } from "ohash";
// "pZGm1Av0IEBKARczz7exkNYsZb8LzaMrV7J32a2fFG4"
console.log(sha256base64("Hello World"));
corepack enable
(use npm i -g corepack
for Node.js < 16.10)pnpm install
pnpm dev
Made with 💛
Published under MIT License.
Based on puleos/object-hash by Scott Puleo, and implementations from perezd/node-murmurhash and garycourt/murmurhash-js by Gary Court and Austin Appleby and brix/crypto-js.
v1.1.4
FAQs
Super fast hashing library based on murmurhash3 written in Vanilla JS
The npm package ohash receives a total of 2,657,832 weekly downloads. As such, ohash popularity was classified as popular.
We found that ohash demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.