Minimal asset hashing CLI and API
Use as a CLI or programmatically.
npm install --save-dev reaver
The API exposes a function.
reaver(files, options)Moves the specified file(s), appending to their paths a hash of their contents. Directories and missing files are ignored.
If a manifest: true option is passed, it returns a map of file paths to the resulting hashes. The manifest always uses absolute paths.
reaver.rev(file, data)This method will just return the hashed filename based on the provided data, without accessing the file system.
When you have circular dependencies, you can use --consider <file>. Suppose you have app.js and service-worker.js. app.js references the worker to install it, and the worker references app.js to download it for offline-first. You can --consider service-worker.js when hashing app.js so that the contents of service-worker are factored in the hashing of app.js, so that even though app.js itself hasn't changed, the hash will change if the contents of service-worker.js have changed.
Without this option, you would keep changing the hashes for each file as the reference to the other file changes in each other.
Usage
reaver [options] [file] [file] [file]
Invokes the reaver(files, options) API method, using minimist for option parsing.
Usage example below
touch foo{,.js}
reaver *
ls
# foo.d41d8cd9 foo.d41d8cd9.js
MIT
FAQs
Minimal asset hashing CLI and API
The npm package reaver receives a total of 22,249 weekly downloads. As such, reaver popularity was classified as popular.
We found that reaver demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
PyPI confirms no security flaws were exploited in the Ultralytics supply chain attack and highlights improvements for safer package publishing.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.