Security News
JavaScript Leaders Demand Oracle Release the JavaScript Trademark
In an open letter, JavaScript community leaders urge Oracle to give up the JavaScript trademark, arguing that it has been effectively abandoned through nonuse.
sumchecker
Advanced tools
The sumchecker npm package is used to verify the integrity of files by checking their checksums against known values. This is particularly useful for ensuring that files have not been tampered with or corrupted during download or transfer.
Checksum Verification
This feature allows you to verify the checksums of multiple files against a checksum file. The code sample demonstrates how to use the sumchecker package to verify the integrity of 'file1.zip' and 'file2.zip' using SHA-256 checksums listed in 'checksums.txt'.
const sumchecker = require('sumchecker');
const path = require('path');
const checksumFile = 'checksums.txt';
const baseDir = path.join(__dirname, 'downloads');
const files = ['file1.zip', 'file2.zip'];
sumchecker('sha256', checksumFile, baseDir, files)
.then(() => {
console.log('All files verified successfully');
})
.catch((err) => {
console.error('Checksum verification failed', err);
});
The integrity-checker package provides similar functionality for verifying file integrity using checksums. It supports multiple algorithms like MD5, SHA-1, and SHA-256. Compared to sumchecker, integrity-checker offers a more extensive set of algorithms and additional features like recursive directory checks.
The checksum-validator package is another alternative for verifying file checksums. It is simpler and more lightweight compared to sumchecker, focusing on ease of use and quick validation of individual files. It supports common algorithms like MD5 and SHA-256.
Sumchecker is a pure Node.js solution to validating files specified in a checksum file, which are
usually generated by programs such as sha256sum
.
sumchecker(algorithm, checksumFilename, baseDir, filesToCheck)
.then(() => {
console.log('All files validate!');
}, (error) => {
console.error('An error occurred', error);
});
Returns a Promise
. The promise is resolved when all files specified
in filesToCheck
are validated. The promise is rejected otherwise.
algorithm
String
- The hash algorithm used in checksumFilename
. Corresponds to the
algorithms allowed by crypto.createHash()
.
checksumFilename
String
- The path to the checksum file.
baseDir
String
- The base directory for the files specified in filesToCheck
.
filesToCheck
Array
or String
- one or more paths of the files that will be validated, relative to
baseDir
.
These are sumchecker
-specific error classes that are passed to the promise's reject callback.
sumchecker.ChecksumMismatchError
When at least one of the files does not match its expected checksum.
Properties:
filename
(String
) - a path to a file that did not matchsumchecker.ChecksumParseError
When the checksum file cannot be parsed (as in, it does not match the checksum file format).
Properties:
lineNumber
(Number
) - the line number that could not be parsedline
(String
) - the raw line data that could not be parsed, sans newlinesumchecker.NoChecksumFoundError
When at least one of the files specified to check is not listed in the checksum file.
Properties:
filename
(String
)- a filename from filesToCheck
This library is copyrighted under the terms of the Apache 2.0 License.
FAQs
Checksum validator
The npm package sumchecker receives a total of 440,887 weekly downloads. As such, sumchecker popularity was classified as popular.
We found that sumchecker demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
In an open letter, JavaScript community leaders urge Oracle to give up the JavaScript trademark, arguing that it has been effectively abandoned through nonuse.
Security News
The initial version of the Socket Python SDK is now on PyPI, enabling developers to more easily interact with the Socket REST API in Python projects.
Security News
Floating dependency ranges in npm can introduce instability and security risks into your project by allowing unverified or incompatible versions to be installed automatically, leading to unpredictable behavior and potential conflicts.