Gathering detailed insights and metrics for etag
Gathering detailed insights and metrics for etag
Installations
npm install etagDeveloper Guide
BETA
Typescript
No
Module System
N/A
Min. Node Version
>= 0.6
Node Version
6.11.1
NPM Version
3.10.10
Releases
14
Languages
1
JavaScript
JavaScript (100%)
Developer
jshttp
Download Statistics
Total Downloads
0
Last Day
0
Last Week
0
Last Month
0
Last Year
0
GitHub Statistics
MIT License
259 Stars
147 Commits
37 Forks
11 Watchers
10 Branches
25 Contributors
Updated on Jul 01, 2025
Maintainers
1
Package Meta Information
Latest Version
1.8.1
Package Id
etag@1.8.1
Size
4.28 kB
NPM Version
3.10.10
Node Version
6.11.1
Total Downloads
Cumulative downloads
Total Downloads
NaN
Last Day
0%
NaN
Compared to previous day
Last Week
0%
NaN
Compared to previous week
Last Month
0%
NaN
Compared to previous month
Last Year
0%
NaN
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
etag
Create simple HTTP ETags
This module generates HTTP ETags (as defined in RFC 7232) for use in HTTP responses.
Installation
This is a Node.js module available through the
npm registry. Installation is done using the
npm install command:
1$ npm install etag
API
1var etag = require('etag')
etag(entity, [options])
Generate a strong ETag for the given entity. This should be the complete
body of the entity. Strings, Buffers, and fs.Stats are accepted. By
default, a strong ETag is generated except for fs.Stats, which will
generate a weak ETag (this can be overwritten by options.weak).
1res.setHeader('ETag', etag(body))
Options
etag accepts these properties in the options object.
weak
Specifies if the generated ETag will include the weak validator mark (that
is, the leading W/). The actual entity tag is the same. The default value
is false, unless the entity is fs.Stats, in which case it is true.
Testing
1$ npm test
Benchmark
1$ npm run-script bench 2 3> etag@1.8.1 bench nodejs-etag 4> node benchmark/index.js 5 6 http_parser@2.7.0 7 node@6.11.1 8 v8@5.1.281.103 9 uv@1.11.0 10 zlib@1.2.11 11 ares@1.10.1-DEV 12 icu@58.2 13 modules@48 14 openssl@1.0.2k 15 16> node benchmark/body0-100b.js 17 18 100B body 19 20 4 tests completed. 21 22 buffer - strong x 258,647 ops/sec ±1.07% (180 runs sampled) 23 buffer - weak x 263,812 ops/sec ±0.61% (184 runs sampled) 24 string - strong x 259,955 ops/sec ±1.19% (185 runs sampled) 25 string - weak x 264,356 ops/sec ±1.09% (184 runs sampled) 26 27> node benchmark/body1-1kb.js 28 29 1KB body 30 31 4 tests completed. 32 33 buffer - strong x 189,018 ops/sec ±1.12% (182 runs sampled) 34 buffer - weak x 190,586 ops/sec ±0.81% (186 runs sampled) 35 string - strong x 144,272 ops/sec ±0.96% (188 runs sampled) 36 string - weak x 145,380 ops/sec ±1.43% (187 runs sampled) 37 38> node benchmark/body2-5kb.js 39 40 5KB body 41 42 4 tests completed. 43 44 buffer - strong x 92,435 ops/sec ±0.42% (188 runs sampled) 45 buffer - weak x 92,373 ops/sec ±0.58% (189 runs sampled) 46 string - strong x 48,850 ops/sec ±0.56% (186 runs sampled) 47 string - weak x 49,380 ops/sec ±0.56% (190 runs sampled) 48 49> node benchmark/body3-10kb.js 50 51 10KB body 52 53 4 tests completed. 54 55 buffer - strong x 55,989 ops/sec ±0.93% (188 runs sampled) 56 buffer - weak x 56,148 ops/sec ±0.55% (190 runs sampled) 57 string - strong x 27,345 ops/sec ±0.43% (188 runs sampled) 58 string - weak x 27,496 ops/sec ±0.45% (190 runs sampled) 59 60> node benchmark/body4-100kb.js 61 62 100KB body 63 64 4 tests completed. 65 66 buffer - strong x 7,083 ops/sec ±0.22% (190 runs sampled) 67 buffer - weak x 7,115 ops/sec ±0.26% (191 runs sampled) 68 string - strong x 3,068 ops/sec ±0.34% (190 runs sampled) 69 string - weak x 3,096 ops/sec ±0.35% (190 runs sampled) 70 71> node benchmark/stats.js 72 73 stat 74 75 4 tests completed. 76 77 real - strong x 871,642 ops/sec ±0.34% (189 runs sampled) 78 real - weak x 867,613 ops/sec ±0.39% (190 runs sampled) 79 fake - strong x 401,051 ops/sec ±0.40% (189 runs sampled) 80 fake - weak x 400,100 ops/sec ±0.47% (188 runs sampled)
License
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
project has 6 contributing companies or organizations
Details
- Info: ExpressGateway contributor org/company found, stream-utils contributor org/company found, repo-utils contributor org/company found, crypto-utils contributor org/company found, nodejs contributor org/company found, mysqljs contributor org/company found,
Reason
no dangerous workflow patterns detected
Reason
update tool detected
Details
- Info: detected update tool: Dependabot: .github/dependabot.yml:1
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
GitHub workflow tokens follow principle of least privilege
Details
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/ci.yml:14
- Warn: jobLevel 'checks' permission set to 'write': .github/workflows/ci.yml:13
- Warn: jobLevel 'checks' permission set to 'write': .github/workflows/ci.yml:242
- Info: jobLevel 'actions' permission set to 'read': .github/workflows/codeql.yml:31
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/codeql.yml:32
- Info: topLevel 'contents' permission set to 'read': .github/workflows/ci.yml:8
- Info: topLevel 'contents' permission set to 'read': .github/workflows/codeql.yml:24
- Info: topLevel permissions set to 'read-all': .github/workflows/scorecard.yml:18
Reason
0 existing vulnerabilities detected
Reason
security policy file detected
Details
- Info: security policy file detected: github.com/jshttp/.github/SECURITY.md:1
- Info: Found linked content: github.com/jshttp/.github/SECURITY.md:1
- Warn: One or no descriptive hints of disclosure, vulnerability, and/or timelines in security policy
- Info: Found text in security policy: github.com/jshttp/.github/SECURITY.md:1
Reason
SAST tool detected but not run on all commits
Details
- Info: SAST configuration detected: CodeQL
- Warn: 1 commits out of 5 are checked with a SAST tool
Reason
2 out of 5 merged PRs checked by a CI test -- score normalized to 4
Reason
dependency not pinned by hash detected -- score normalized to 2
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:152: update your workflow using https://app.stepsecurity.io/secureworkflow/jshttp/etag/ci.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:233: update your workflow using https://app.stepsecurity.io/secureworkflow/jshttp/etag/ci.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:247: update your workflow using https://app.stepsecurity.io/secureworkflow/jshttp/etag/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/jshttp/etag/codeql.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/jshttp/etag/codeql.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/jshttp/etag/codeql.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:71: update your workflow using https://app.stepsecurity.io/secureworkflow/jshttp/etag/codeql.yml/master?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/ci.yml:193
- Warn: npmCommand not pinned by hash: .github/workflows/ci.yml:209
- Info: 3 out of 8 GitHub-owned GitHubAction dependencies pinned
- Info: 1 out of 3 third-party GitHubAction dependencies pinned
- Info: 0 out of 2 npmCommand dependencies pinned
Reason
Found 4/30 approved changesets -- score normalized to 1
Reason
2 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 1
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Score
6.1
/10
Last Scanned on 2025-07-07T21:28:35Z
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More