Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

zstd-napi

Package Overview
Dependencies
Maintainers
1
Versions
8
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

zstd-napi

zstd bindings with N-API

  • 0.0.8
  • latest
  • Source
  • npm
  • Socket score

Version published
Maintainers
1
Created
Source

npm codecov OpenSSF Scorecard OpenSSF Best Practices

zstd-napi

zstd-napi is a TypeScript binding to the native Zstandard compression library, using the Node-API addon interface.

A strong emphasis has been placed on reliability and performance. It has been used for years in at least one production envionment where it is invoked more than a million times per second.

Getting Started

To install, just run npm install zstd-napi (or the equivalent for your choice of package manager). By default, this will download a pre-built native module suitable for your platform from the corresponding GitHub release. If a prebuild isn't available, it will try to build the module from source, which should work as long as you have a C++ compiler installed.

Once installed, usage is as simple as:

import * as zstd from 'zstd-napi';
zstd.compress(Buffer.from('your data here'));

See the API documentation for more details!

Features

The library exposes all of the functionality present in the stable Zstandard API, including dictionary compression, multithreading, advanced compression parameters, and more.

Most of this functionality is available through a high-level API, which is the recommended way to use the library for nearly all applications. Both streaming and single-pass interfaces are available.

The high-level API is built on top of the low-level API, which is exposed as zstd-napi/binding. This is a wrapper around the raw Zstandard API designed to be as thin as possible while preventing JavaScript code from doing anything memory-unsafe. Notably, buffer management is left to the caller. It may be useful as a building block for another library developer, or for applications with specialized use-cases. Most users will be happier using the high-level API.

Currently, there's no support for the (unstable) Zstandard "experimental" API, but at least partial support is planned for the future. If there's functionality you'd like to use, please file an issue and let me know!

Support Policy

Node.js

All live Node.js verisons are supported on a first-class basis. Per the release cycle, this includes the Current version, the Active LTS version, and one or more Maintenance versions. In addition, one previous LTS version is supported on a best-effort basis. As of the latest zstd-napi release, this means:

Node.js VersionSupport
21 (Current)
20 (Active LTS)
18 (Maint. LTS)
16best-effort

Other versions may work, but they aren't regularly tested and may break at any time.

Platform

All of the native code in this project is fairly portable, so in principle zstd-napi should work on any platform supported by both Node.js and Zstandard.

Prebuilds are provided for all platforms with Tier 1 support in Node.js. This includes GNU/Linux armv7, arm64, and x64, macOS arm64 and x64, and Windows x64 and x86. GNU/Linux prebuilds are linked against Glibc 2.28, which is the same version required by official Node.js 18+ builds.

Please file an issue if this library doesn't work on your platform!

Zstandard

zstd-napi's native component statically links Zstandard, currently version 1.5.6. Newer versions will be pulled in as they are released.

Security Updates

This project will make every effort to promptly release fixes for discovered security vulnerabilties. Whenever possible, patches will be released for previous release branches to allow affected users to easily upgrade without other breaking changes.

FAQs

Package last updated on 08 Apr 2024

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc