Research
Security News
Kill Switch Hidden in npm Packages Typosquatting Chalk and Chokidar
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
Fork of @phc/bcrypt with updated dependencies
🔒 Node.JS bcrypt password hashing algorithm following the PHC string format.
Coded with ❤️ by Simone Primarosa.
The PHC String Format is an attempt to specify a common hash string format that’s a restricted & well defined subset of the Modular Crypt Format. New hashes are strongly encouraged to adhere to the PHC specification, rather than the much looser Modular Crypt Format.
The hash strings generated by this package are in the following format:
$bcrypt$v=<version>r=<rounds>$<salt>$<hash>
Where:
Field | Type | Description |
---|---|---|
<version> | number | The version of the bcrypt algorithm used. |
<rounds> | number | The cost of processing data encoded as log2(iterations). |
<salt> | string | A sequence of bits, known as a cryptographic salt encoded in B64. |
<hash> | string | The computed derived key by the bcrypt algorithm encoded in B64. |
For more details consult the bcrypt paper here.
npm install --save @phc/bcrypt
const bcrypt = require('@phc/bcrypt');
// Hash and verify with bcrypt and default configs
const hash = await bcrypt.hash('password');
// => $bcrypt$v=98$r=10$Fu+++1sHIGTodjyG4pF4Sw$QlOihTVOARhpV0EiWv4k10i5Pw5Hm0E
const match = await bcrypt.verify(hash, 'password');
// => true
const match = await bcrypt.verify(hash, 'wrong');
// => false
const ids = bcrypt.identifiers();
// => ['bcrypt']
Below you can find usage statistics of this hashing algorithm with different options. This should help you understand how the different options affects the running time and memory usage of the algorithm.
Usage reports are generated thanks to sympact.
Distro Release Platform Arch
-------- ------- -------- ----
Mac OS X 10.12.6 darwin x64
CPU Brand Clock Cores
------ -------------- -------- -----
Intel® Core™ i5-6360U 2.00 GHz 4
Memory Type Size Clock
---------------------- ------ ----------- --------
Micron Technology Inc. LPDDR3 4294.967 MB 1867 MHz
Micron Technology Inc. LPDDR3 4294.967 MB 1867 MHz
CPU Usage (avarage ± σ) CPU Usage Range (min … max)
----------------------- ---------------------------
205.71 % ± 149.94 % 0.00 % … 480.00 %
RAM Usage (avarage ± σ) RAM Usage Range (min … max)
----------------------- ---------------------------
26.638 MB ± 2.191 MB 21.438 MB … 27.787 MB
Execution time Sampling time Samples
-------------- ------------- ---------
0.161 s 0.233 s 7 samples
Instant CPU Usage RAM Usage PIDS
------- --------- --------- -----
0.040 s 480.00 % 21.438 MB 31313
0.102 s 360.00 % 26.190 MB 31313
0.134 s 180.00 % 27.754 MB 31313
0.162 s 180.00 % 27.754 MB 31313
0.189 s 120.00 % 27.754 MB 31313
0.215 s 120.00 % 27.787 MB 31313
0.233 s 0.00 % 27.787 MB 31313
CPU Usage (avarage ± σ) CPU Usage Range (min … max)
----------------------- ---------------------------
190.00 % ± 181.38 % 0.00 % … 480.00 %
RAM Usage (avarage ± σ) RAM Usage Range (min … max)
----------------------- ---------------------------
26.470 MB ± 2.443 MB 21.635 MB … 28.176 MB
Execution time Sampling time Samples
-------------- ------------- ---------
0.158 s 0.323 s 6 samples
Instant CPU Usage RAM Usage PIDS
------- --------- --------- -----
0.109 s 480.00 % 21.635 MB 31491
0.211 s 300.00 % 24.973 MB 31491
0.262 s 300.00 % 27.681 MB 31491
0.289 s 60.00 % 28.176 MB 31491
0.308 s 0.00 % 28.176 MB 31491
0.323 s 0.00 % 28.176 MB 31491
CPU Usage (avarage ± σ) CPU Usage Range (min … max)
----------------------- ---------------------------
93.75 % ± 114.67 % 0.00 % … 300.00 %
RAM Usage (avarage ± σ) RAM Usage Range (min … max)
----------------------- ---------------------------
26.556 MB ± 2.101 MB 21.651 MB … 27.976 MB
Execution time Sampling time Samples
-------------- ------------- ---------
0.293 s 0.494 s 8 samples
Instant CPU Usage RAM Usage PIDS
------- --------- --------- -----
0.079 s 270.00 % 21.651 MB 31602
0.226 s 300.00 % 25.137 MB 31602
0.311 s 0.00 % 26.173 MB 31602
0.342 s 90.00 % 27.619 MB 31602
0.364 s 60.00 % 27.939 MB 31602
0.445 s 30.00 % 27.976 MB 31602
0.492 s 0.00 % 27.976 MB 31602
0.494 s 0.00 % 27.976 MB 31602
CPU Usage (avarage ± σ) CPU Usage Range (min … max)
----------------------- ---------------------------
155.00 % ± 101.61 % 0.00 % … 480.00 %
RAM Usage (avarage ± σ) RAM Usage Range (min … max)
----------------------- ---------------------------
27.131 MB ± 1.720 MB 21.631 MB … 27.988 MB
Execution time Sampling time Samples
-------------- ------------- ----------
0.486 s 0.575 s 18 samples
Instant CPU Usage RAM Usage PIDS
------- --------- --------- -----
0.057 s 480.00 % 21.631 MB 32051
0.127 s 300.00 % 24.285 MB 32051
0.157 s 120.00 % 25.219 MB 32051
0.185 s 120.00 % 25.833 MB 32051
0.214 s 180.00 % 27.951 MB 32051
0.235 s 120.00 % 27.951 MB 32051
0.264 s 120.00 % 27.951 MB 32051
0.295 s 180.00 % 27.951 MB 32051
0.324 s 180.00 % 27.951 MB 32051
0.354 s 180.00 % 27.951 MB 32051
0.383 s 180.00 % 27.951 MB 32051
0.411 s 180.00 % 27.951 MB 32051
0.439 s 120.00 % 27.951 MB 32051
0.469 s 90.00 % 27.951 MB 32051
0.497 s 90.00 % 27.951 MB 32051
0.532 s 120.00 % 27.951 MB 32051
0.556 s 30.00 % 27.988 MB 32051
0.575 s 0.00 % 27.988 MB 32051
CPU Usage (avarage ± σ) CPU Usage Range (min … max)
----------------------- ---------------------------
112.91 % ± 75.45 % 0.00 % … 420.00 %
RAM Usage (avarage ± σ) RAM Usage Range (min … max)
----------------------- ---------------------------
27.983 MB ± 0.905 MB 21.705 MB … 28.176 MB
Execution time Sampling time Samples
-------------- ------------- ----------
1.608 s 1.68 s 55 samples
Instant CPU Usage RAM Usage PIDS
------- --------- --------- -----
0.039 s 420.00 % 21.705 MB 32176
0.104 s 420.00 % 25.899 MB 32176
0.145 s 180.00 % 28.140 MB 32176
0.180 s 180.00 % 28.140 MB 32176
0.211 s 180.00 % 28.140 MB 32176
0.234 s 120.00 % 28.140 MB 32176
0.258 s 120.00 % 28.140 MB 32176
0.291 s 180.00 % 28.140 MB 32176
0.334 s 180.00 % 28.140 MB 32176
0.361 s 60.00 % 28.140 MB 32176
0.383 s 180.00 % 28.140 MB 32176
0.416 s 120.00 % 28.140 MB 32176
0.445 s 180.00 % 28.140 MB 32176
0.473 s 180.00 % 28.140 MB 32176
0.501 s 120.00 % 28.140 MB 32176
0.531 s 180.00 % 28.140 MB 32176
0.561 s 120.00 % 28.140 MB 32176
0.589 s 180.00 % 28.140 MB 32176
0.616 s 120.00 % 28.140 MB 32176
0.646 s 180.00 % 28.140 MB 32176
0.677 s 90.00 % 28.140 MB 32176
0.706 s 60.00 % 28.140 MB 32176
0.743 s 90.00 % 28.140 MB 32176
0.777 s 90.00 % 28.140 MB 32176
0.804 s 60.00 % 28.140 MB 32176
0.828 s 90.00 % 28.140 MB 32176
0.859 s 60.00 % 28.140 MB 32176
0.887 s 90.00 % 28.140 MB 32176
0.916 s 90.00 % 28.140 MB 32176
0.952 s 90.00 % 28.140 MB 32176
0.981 s 60.00 % 28.140 MB 32176
1.024 s 60.00 % 28.140 MB 32176
1.058 s 90.00 % 28.140 MB 32176
1.083 s 60.00 % 28.140 MB 32176
1.113 s 90.00 % 28.140 MB 32176
1.140 s 0.00 % 28.140 MB 32176
1.170 s 60.00 % 28.140 MB 32176
1.199 s 90.00 % 28.140 MB 32176
1.227 s 90.00 % 28.140 MB 32176
1.255 s 90.00 % 28.140 MB 32176
1.284 s 60.00 % 28.140 MB 32176
1.313 s 90.00 % 28.140 MB 32176
1.342 s 60.00 % 28.140 MB 32176
1.370 s 90.00 % 28.140 MB 32176
1.397 s 90.00 % 28.140 MB 32176
1.428 s 90.00 % 28.140 MB 32176
1.456 s 60.00 % 28.140 MB 32176
1.484 s 90.00 % 28.140 MB 32176
1.511 s 90.00 % 28.140 MB 32176
1.541 s 60.00 % 28.140 MB 32176
1.578 s 120.00 % 28.140 MB 32176
1.601 s 60.00 % 28.140 MB 32176
1.629 s 60.00 % 28.140 MB 32176
1.655 s 90.00 % 28.176 MB 32176
1.680 s 0.00 % 28.176 MB 32176
CPU Usage (avarage ± σ) CPU Usage Range (min … max)
----------------------- ---------------------------
40.42 % ± 47.22 % 0.00 % … 540.00 %
RAM Usage (avarage ± σ) RAM Usage Range (min … max)
----------------------- ---------------------------
27.793 MB ± 0.487 MB 21.656 MB … 27.881 MB
Execution time Sampling time Samples
-------------- ------------- -----------
7.237 s 7.322 s 236 samples
Instant CPU Usage RAM Usage PIDS
------- --------- --------- -----
0.046 s 540.00 % 21.656 MB 32810
0.219 s 300.00 % 24.527 MB 32810
0.261 s 180.00 % 25.407 MB 32810
0.292 s 180.00 % 26.694 MB 32810
0.300 s 60.00 % 27.673 MB 32810
0.326 s 120.00 % 27.849 MB 32810
0.353 s 120.00 % 27.849 MB 32810
0.383 s 180.00 % 27.849 MB 32810
0.409 s 120.00 % 27.849 MB 32810
0.440 s 180.00 % 27.849 MB 32810
0.472 s 120.00 % 27.849 MB 32810
0.511 s 90.00 % 27.849 MB 32810
0.554 s 90.00 % 27.849 MB 32810
0.577 s 60.00 % 27.849 MB 32810
0.605 s 60.00 % 27.849 MB 32810
0.627 s 60.00 % 27.849 MB 32810
0.657 s 90.00 % 27.849 MB 32810
0.688 s 90.00 % 27.849 MB 32810
0.721 s 90.00 % 27.849 MB 32810
0.743 s 60.00 % 27.849 MB 32810
0.770 s 90.00 % 27.849 MB 32810
0.799 s 90.00 % 27.849 MB 32810
0.827 s 60.00 % 27.849 MB 32810
0.854 s 90.00 % 27.849 MB 32810
0.883 s 90.00 % 27.849 MB 32810
0.928 s 90.00 % 27.849 MB 32810
0.952 s 30.00 % 27.849 MB 32810
0.993 s 60.00 % 27.849 MB 32810
1.025 s 30.00 % 27.849 MB 32810
1.051 s 60.00 % 27.849 MB 32810
1.084 s 60.00 % 27.849 MB 32810
1.108 s 60.00 % 27.849 MB 32810
1.134 s 60.00 % 27.849 MB 32810
1.159 s 60.00 % 27.849 MB 32810
1.187 s 90.00 % 27.849 MB 32810
1.216 s 90.00 % 27.849 MB 32810
1.244 s 60.00 % 27.849 MB 32810
1.274 s 0.00 % 27.849 MB 32810
1.312 s 90.00 % 27.849 MB 32810
1.348 s 60.00 % 27.849 MB 32810
1.379 s 30.00 % 27.849 MB 32810
1.405 s 30.00 % 27.849 MB 32810
1.440 s 90.00 % 27.849 MB 32810
1.467 s 60.00 % 27.849 MB 32810
1.496 s 60.00 % 27.849 MB 32810
1.519 s 60.00 % 27.849 MB 32810
1.548 s 40.00 % 27.849 MB 32810
1.576 s 60.00 % 27.849 MB 32810
1.604 s 60.00 % 27.849 MB 32810
1.645 s 60.00 % 27.849 MB 32810
1.679 s 20.00 % 27.849 MB 32810
1.709 s 40.00 % 27.849 MB 32810
1.738 s 20.00 % 27.849 MB 32810
1.771 s 40.00 % 27.849 MB 32810
1.816 s 60.00 % 27.849 MB 32810
1.877 s 20.00 % 27.849 MB 32810
1.881 s 20.00 % 27.849 MB 32810
1.916 s 40.00 % 27.849 MB 32810
1.944 s 20.00 % 27.849 MB 32810
1.980 s 40.00 % 27.849 MB 32810
2.007 s 20.00 % 27.849 MB 32810
2.035 s 40.00 % 27.849 MB 32810
2.069 s 60.00 % 27.849 MB 32810
2.138 s 40.00 % 27.849 MB 32810
2.147 s 20.00 % 27.849 MB 32810
2.210 s 60.00 % 27.849 MB 32810
2.223 s 40.00 % 27.849 MB 32810
2.262 s 40.00 % 27.849 MB 32810
2.282 s 20.00 % 27.849 MB 32810
2.310 s 40.00 % 27.849 MB 32810
2.330 s 40.00 % 27.849 MB 32810
2.358 s 60.00 % 27.849 MB 32810
2.387 s 40.00 % 27.849 MB 32810
2.458 s 60.00 % 27.849 MB 32810
2.475 s 40.00 % 27.849 MB 32810
2.499 s 20.00 % 27.849 MB 32810
2.535 s 30.00 % 27.849 MB 32810
2.565 s 45.00 % 27.849 MB 32810
2.594 s 30.00 % 27.849 MB 32810
2.620 s 45.00 % 27.849 MB 32810
2.654 s 30.00 % 27.849 MB 32810
2.682 s 30.00 % 27.849 MB 32810
2.708 s 30.00 % 27.849 MB 32810
2.742 s 45.00 % 27.849 MB 32810
2.769 s 30.00 % 27.849 MB 32810
2.798 s 0.00 % 27.849 MB 32810
2.823 s 30.00 % 27.849 MB 32810
2.852 s 45.00 % 27.849 MB 32810
2.880 s 30.00 % 27.849 MB 32810
2.908 s 45.00 % 27.849 MB 32810
2.935 s 30.00 % 27.849 MB 32810
2.963 s 45.00 % 27.849 MB 32810
2.991 s 45.00 % 27.849 MB 32810
3.034 s 30.00 % 27.849 MB 32810
3.069 s 45.00 % 27.849 MB 32810
3.099 s 15.00 % 27.849 MB 32810
3.151 s 30.00 % 27.849 MB 32810
3.195 s 30.00 % 27.849 MB 32810
3.200 s 15.00 % 27.849 MB 32810
3.234 s 45.00 % 27.849 MB 32810
3.259 s 30.00 % 27.849 MB 32810
3.288 s 30.00 % 27.849 MB 32810
3.324 s 30.00 % 27.849 MB 32810
3.348 s 45.00 % 27.849 MB 32810
3.372 s 30.00 % 27.849 MB 32810
3.395 s 30.00 % 27.849 MB 32810
3.428 s 45.00 % 27.849 MB 32810
3.455 s 45.00 % 27.849 MB 32810
3.479 s 45.00 % 27.849 MB 32810
3.515 s 24.00 % 27.849 MB 32810
3.550 s 48.00 % 27.849 MB 32810
3.571 s 24.00 % 27.849 MB 32810
3.598 s 36.00 % 27.849 MB 32810
3.626 s 36.00 % 27.849 MB 32810
3.659 s 24.00 % 27.849 MB 32810
3.702 s 24.00 % 27.849 MB 32810
3.727 s 24.00 % 27.849 MB 32810
3.752 s 36.00 % 27.849 MB 32810
3.791 s 24.00 % 27.849 MB 32810
3.822 s 24.00 % 27.849 MB 32810
3.897 s 12.00 % 27.849 MB 32810
3.902 s 12.00 % 27.849 MB 32810
3.945 s 48.00 % 27.849 MB 32810
3.978 s 36.00 % 27.849 MB 32810
4.016 s 36.00 % 27.849 MB 32810
4.046 s 24.00 % 27.849 MB 32810
4.074 s 24.00 % 27.849 MB 32810
4.106 s 24.00 % 27.849 MB 32810
4.136 s 0.00 % 27.849 MB 32810
4.172 s 24.00 % 27.849 MB 32810
4.209 s 24.00 % 27.849 MB 32810
4.244 s 12.00 % 27.849 MB 32810
4.269 s 12.00 % 27.849 MB 32810
4.302 s 24.00 % 27.849 MB 32810
4.330 s 24.00 % 27.849 MB 32810
4.366 s 36.00 % 27.849 MB 32810
4.392 s 24.00 % 27.849 MB 32810
4.428 s 24.00 % 27.849 MB 32810
4.460 s 24.00 % 27.849 MB 32810
4.521 s 10.00 % 27.849 MB 32810
4.556 s 10.00 % 27.849 MB 32810
4.565 s 20.00 % 27.849 MB 32810
4.602 s 20.00 % 27.849 MB 32810
4.635 s 20.00 % 27.849 MB 32810
4.666 s 20.00 % 27.849 MB 32810
4.688 s 10.00 % 27.849 MB 32810
4.729 s 30.00 % 27.849 MB 32810
4.758 s 30.00 % 27.849 MB 32810
4.784 s 20.00 % 27.849 MB 32810
4.808 s 20.00 % 27.849 MB 32810
4.836 s 30.00 % 27.849 MB 32810
4.866 s 20.00 % 27.849 MB 32810
4.907 s 30.00 % 27.849 MB 32810
4.932 s 20.00 % 27.849 MB 32810
4.955 s 20.00 % 27.849 MB 32810
4.983 s 30.00 % 27.849 MB 32810
5.011 s 20.00 % 27.849 MB 32810
5.039 s 30.00 % 27.849 MB 32810
5.067 s 20.00 % 27.849 MB 32810
5.095 s 30.00 % 27.849 MB 32810
5.123 s 20.00 % 27.849 MB 32810
5.153 s 30.00 % 27.849 MB 32810
5.181 s 20.00 % 27.849 MB 32810
5.211 s 30.00 % 27.849 MB 32810
5.240 s 20.00 % 27.849 MB 32810
5.268 s 30.00 % 27.849 MB 32810
5.296 s 30.00 % 27.849 MB 32810
5.325 s 20.00 % 27.849 MB 32810
5.354 s 30.00 % 27.849 MB 32810
5.384 s 30.00 % 27.849 MB 32810
5.411 s 20.00 % 27.849 MB 32810
5.449 s 30.00 % 27.849 MB 32810
5.480 s 20.00 % 27.849 MB 32810
5.506 s 0.00 % 27.849 MB 32810
5.543 s 17.14 % 27.849 MB 32810
5.594 s 25.71 % 27.849 MB 32810
5.618 s 8.57 % 27.849 MB 32810
5.644 s 17.14 % 27.849 MB 32810
5.669 s 17.14 % 27.849 MB 32810
5.696 s 17.14 % 27.849 MB 32810
5.735 s 25.71 % 27.849 MB 32810
5.762 s 17.14 % 27.849 MB 32810
5.784 s 17.14 % 27.849 MB 32810
5.811 s 25.71 % 27.849 MB 32810
5.841 s 17.14 % 27.849 MB 32810
5.870 s 25.71 % 27.849 MB 32810
5.897 s 17.14 % 27.849 MB 32810
5.926 s 25.71 % 27.849 MB 32810
5.957 s 25.71 % 27.849 MB 32810
5.988 s 25.71 % 27.849 MB 32810
6.020 s 25.71 % 27.849 MB 32810
6.051 s 17.14 % 27.849 MB 32810
6.083 s 25.71 % 27.849 MB 32810
6.124 s 25.71 % 27.849 MB 32810
6.146 s 17.14 % 27.849 MB 32810
6.171 s 25.71 % 27.849 MB 32810
6.199 s 17.14 % 27.849 MB 32810
6.226 s 25.71 % 27.849 MB 32810
6.262 s 25.71 % 27.849 MB 32810
6.291 s 25.71 % 27.849 MB 32810
6.311 s 17.14 % 27.849 MB 32810
6.340 s 25.71 % 27.849 MB 32810
6.367 s 17.14 % 27.849 MB 32810
6.396 s 25.71 % 27.849 MB 32810
6.424 s 17.14 % 27.849 MB 32810
6.454 s 25.71 % 27.849 MB 32810
6.483 s 17.14 % 27.849 MB 32810
6.511 s 22.50 % 27.849 MB 32810
6.539 s 15.00 % 27.849 MB 32810
6.568 s 22.50 % 27.849 MB 32810
6.597 s 22.50 % 27.849 MB 32810
6.626 s 15.00 % 27.849 MB 32810
6.659 s 22.50 % 27.849 MB 32810
6.690 s 0.00 % 27.849 MB 32810
6.719 s 15.00 % 27.849 MB 32810
6.747 s 22.50 % 27.849 MB 32810
6.776 s 15.00 % 27.849 MB 32810
6.808 s 22.50 % 27.849 MB 32810
6.841 s 22.50 % 27.849 MB 32810
6.871 s 15.00 % 27.849 MB 32810
6.899 s 22.50 % 27.849 MB 32810
6.927 s 22.50 % 27.849 MB 32810
6.974 s 30.00 % 27.849 MB 32810
7.006 s 22.50 % 27.849 MB 32810
7.029 s 15.00 % 27.849 MB 32810
7.050 s 15.00 % 27.849 MB 32810
7.078 s 15.00 % 27.849 MB 32810
7.105 s 22.50 % 27.849 MB 32810
7.137 s 30.00 % 27.849 MB 32810
7.167 s 15.00 % 27.849 MB 32810
7.195 s 22.50 % 27.849 MB 32810
7.225 s 22.50 % 27.849 MB 32810
7.254 s 22.50 % 27.849 MB 32810
7.282 s 15.00 % 27.849 MB 32810
7.319 s 7.50 % 27.881 MB 32810
7.322 s 0.00 % 27.881 MB 32810
The bcrypt paper does not lists test vectors to test implementation but a set of well known test vectors has been used. This package implements them here.
Promise.<string>
Computes the hash string of the given password in the PHC format using bcrypt package.
Promise.<boolean>
Determines whether or not the hash stored inside the PHC formatted string matches the hash generated for the password provided.
Array.<string>
Gets the list of all identifiers supported by this hashing function.
Promise.<string>
Computes the hash string of the given password in the PHC format using bcrypt package.
Kind: global function
Returns: Promise.<string>
- The generated secure hash string in the PHC
format.
Access: public
Param | Type | Default | Description |
---|---|---|---|
password | string | The password to hash. | |
[options] | Object | Optional configurations related to the hashing function. | |
[options.rounds] | number | 10 | Optional Must be an integer within the range (4 <= rounds <= 31 ). |
Promise.<boolean>
Determines whether or not the hash stored inside the PHC formatted string matches the hash generated for the password provided.
Kind: global function
Returns: Promise.<boolean>
- A boolean that is true if the hash computed
for the password matches.
Access: public
Param | Type | Description |
---|---|---|
phcstr | string | Secure hash string generated from this package. |
password | string | User's password input. |
Array.<string>
Gets the list of all identifiers supported by this hashing function.
Kind: global function
Returns: Array.<string>
- A list of identifiers supported by this hashing function.
Access: public
Contributions are REALLY welcome and if you find a security flaw in this code, PLEASE report it.
See also the list of contributors who participated in this project.
This project is licensed under the MIT License - see the license file for details.
FAQs
Node.JS bcrypt password hashing algorithm following the PHC string format
The npm package phc-bcrypt receives a total of 2,127 weekly downloads. As such, phc-bcrypt popularity was classified as popular.
We found that phc-bcrypt demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
Product
Socket now supports uv.lock files to ensure consistent, secure dependency resolution for Python projects and enhance supply chain security.