Security News
Fluent Assertions Faces Backlash After Abandoning Open Source Licensing
Fluent Assertions is facing backlash after dropping the Apache license for a commercial model, leaving users blindsided and questioning contributor rights.
The snappyjs npm package is a JavaScript implementation of Google's Snappy compression algorithm. It provides functionalities for compressing and decompressing data efficiently.
Compression
This feature allows you to compress a given input buffer using the Snappy compression algorithm. The code sample demonstrates how to compress a simple string 'Hello, world!' into a compressed buffer.
const snappy = require('snappyjs');
const input = Buffer.from('Hello, world!');
const compressed = snappy.compress(input);
console.log(compressed);
Decompression
This feature allows you to decompress a given compressed buffer back to its original form. The code sample demonstrates how to decompress a buffer containing compressed data.
const snappy = require('snappyjs');
const compressed = Buffer.from([...] /* some compressed data */);
const decompressed = snappy.uncompress(compressed);
console.log(decompressed.toString());
The 'snappy' package is a native binding to the Snappy compression library. It provides similar functionalities for compressing and decompressing data but relies on native code for performance. It is generally faster than snappyjs due to its native implementation.
The 'lz4' package provides bindings to the LZ4 compression library, which is known for its high-speed compression and decompression. While it serves a similar purpose to snappyjs, it uses a different compression algorithm that may offer different performance characteristics.
The 'pako' package is a JavaScript implementation of the zlib (deflate) compression algorithm. It offers functionalities for compressing and decompressing data, similar to snappyjs, but uses the zlib algorithm instead of Snappy.
A pure JavaScript implementation of Google's Snappy compression library.
This implementation is reasonably fast (see benchmark below). It takes advantage of ArrayBuffer
.
If using with Node.js,
npm install snappyjs
If using with Bower,
bower install snappyjs
SnappyJS works with Node.js 10.x or later.
var SnappyJS = require('snappyjs')
var buffer = new ArrayBuffer(100)
// fill data in buffer
var compressed = SnappyJS.compress(buffer)
var uncompressed = SnappyJS.uncompress(compressed)
You can also use SnappyJS in browser. Adding dist/snappyjs.js
or dist/snappyjs.min.js
will introduce SnappyJS
in the global scope.
SnappyJS relies on ArrayBuffer
. All major browsers support it now (http://caniuse.com/#feat=typedarrays). Also, as I tested, SnappyJS has high performance on latest version of Google Chrome, Safari, Firefox, and Microsoft Edge.
When using webpack to build your project, and you plan to only use ArrayBuffer
or Uint8Array
as input parameters, make sure to put the following in your webpack config to prevent it from automatically bundling a Buffer
polyfill:
node: {
Buffer: false,
}
Compress input
, which must be type of ArrayBuffer
, Buffer
, or Uint8Array
.
Compressed byte stream is returned, with same type of input
.
Uncompress compressed
, which must be type of ArrayBuffer
, Buffer
, or Uint8Array
.
Uncompressed byte stream is returned, with same type of compressed
.
If maxLength
is provided, uncompress function will throw an exception if the data length
encoded in the header exceeds maxLength
. This is a protection mechanism for malicious data stream.
Although JavaScript is dynamic-typing, all major JS engines are highly optimized. Thus well-crafted JavaScript code can have competitive performance even compared to native C++ code.
I benchmark SnappyJS against node-snappy
(which is Node.js binding of native implementation).
Command for benchmark is node benchmark
. Below is the result running on Node.js v5.5.0.
Real text #1 (length 618425, byte length 618425), repeated 100 times:
node-snappy#compress x 2.31 ops/sec ±1.47% (10 runs sampled)
snappyjs#compress x 0.91 ops/sec ±0.92% (7 runs sampled)
node-snappy#uncompress x 7.22 ops/sec ±4.07% (22 runs sampled)
snappyjs#uncompress x 2.45 ops/sec ±1.53% (11 runs sampled)
Real text #2 (length 3844590, byte length 3844591), repeated 10 times:
node-snappy#compress x 7.68 ops/sec ±2.78% (23 runs sampled)
snappyjs#compress x 3.56 ops/sec ±1.44% (13 runs sampled)
node-snappy#uncompress x 17.94 ops/sec ±4.71% (33 runs sampled)
snappyjs#uncompress x 7.24 ops/sec ±2.57% (22 runs sampled)
Random string (length 1000000, byte length 1500098), repeated 50 times:
node-snappy#compress x 6.69 ops/sec ±5.23% (21 runs sampled)
snappyjs#compress x 2.39 ops/sec ±2.54% (10 runs sampled)
node-snappy#uncompress x 14.94 ops/sec ±6.90% (40 runs sampled)
snappyjs#uncompress x 5.92 ops/sec ±4.28% (19 runs sampled)
Random string (length 100, byte length 147), repeated 100000 times:
node-snappy#compress x 4.17 ops/sec ±2.96% (15 runs sampled)
snappyjs#compress x 5.45 ops/sec ±1.51% (18 runs sampled)
node-snappy#uncompress x 4.39 ops/sec ±3.83% (15 runs sampled)
snappyjs#uncompress x 14.01 ops/sec ±2.06% (38 runs sampled)
From the result, we see that SnappyJS has 35%~45% performance of native implementation.
If input size is small, SnappyJS may have better performance than node-snappy
.
It is because calling native function in JS is much more expensive than calling JS function.
MIT License
FAQs
JavaScript implementation of Google's Snappy compression library
We found that snappyjs demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Fluent Assertions is facing backlash after dropping the Apache license for a commercial model, leaving users blindsided and questioning contributor rights.
Research
Security News
Socket researchers uncover the risks of a malicious Python package targeting Discord developers.
Security News
The UK is proposing a bold ban on ransomware payments by public entities to disrupt cybercrime, protect critical services, and lead global cybersecurity efforts.