
Security News
New CVE Forecasting Tool Predicts 47,000 Disclosures in 2025
CVEForecast.org uses machine learning to project a record-breaking surge in vulnerability disclosures in 2025.
side-channel
Advanced tools
Store information about any JS value in a side channel. Uses WeakMap if available.
The side-channel npm package is designed to provide mechanisms for securely handling and transmitting sensitive information within a JavaScript environment. It is particularly useful in contexts where preventing information leakage is critical, such as in cryptographic operations or when handling personal data. The package offers functionalities to create secure channels for data, ensuring that the data is not exposed to unintended scopes or leaked through side channels.
Creating a secure side channel
This feature allows the creation of a secure side channel where you can safely store and retrieve data. The `set` method is used to store data associated with a given key, ensuring that the data is not accessible outside the intended scope.
const SideChannel = require('side-channel');
const channel = new SideChannel();
channel.set(key, value);
Retrieving data from a secure side channel
This code snippet demonstrates how to retrieve data from a secure side channel. The `get` method is used to access the data associated with a specific key, ensuring that the operation is safe and the data integrity is maintained.
const value = channel.get(key);
While 'cryptiles' is more focused on cryptographic utilities, it shares the goal of secure data handling with 'side-channel'. 'cryptiles' offers functions for securely generating random strings and fixed-size cryptographic tokens, which can be seen as complementary to the secure data transmission and storage functionalities provided by 'side-channel'.
Store information about any JS value in a side channel. Uses WeakMap if available.
Warning: in an environment that lacks WeakMap
, this implementation will leak memory until you delete
the key
.
npm install --save side-channel
const assert = require('assert');
const getSideChannel = require('side-channel');
const channel = getSideChannel();
const key = {};
assert.equal(channel.has(key), false);
assert.throws(() => channel.assert(key), TypeError);
channel.set(key, 42);
channel.assert(key); // does not throw
assert.equal(channel.has(key), true);
assert.equal(channel.get(key), 42);
channel.delete(key);
assert.equal(channel.has(key), false);
assert.throws(() => channel.assert(key), TypeError);
Clone the repo, npm install
, and run npm test
v1.1.0 - 2024-12-11
side-channel-weakmap
, side-channel-map
, side-channel-list
ada5955
channel.delete
c01d2d3
0c54356
be24868
c4488e2
0e0d57c
@ljharb/eslint-config
, @ljharb/tsconfig
, @types/get-intrinsic
, @types/object-inspect
, @types/tape
, auto-changelog
, tape
fb4f622
call-bind
, get-intrinsic
, object-inspect
b78336b
aud
with npm audit
ee3ab46
c03e21a
FAQs
Store information about any JS value in a side channel. Uses WeakMap if available.
The npm package side-channel receives a total of 58,798,977 weekly downloads. As such, side-channel popularity was classified as popular.
We found that side-channel demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
CVEForecast.org uses machine learning to project a record-breaking surge in vulnerability disclosures in 2025.
Security News
Browserslist-rs now uses static data to reduce binary size by over 1MB, improving memory use and performance for Rust-based frontend tools.
Research
Security News
Eight new malicious Firefox extensions impersonate games, steal OAuth tokens, hijack sessions, and exploit browser permissions to spy on users.