Gathering detailed insights and metrics for hash-it
Gathering detailed insights and metrics for hash-it
Installations
npm install hash-itDeveloper Guide
BETA
Typescript
Yes
Module System
ESM, UMD
Node Version
16.14.2
NPM Version
8.7.0
Score
99.2
Supply Chain
100
Quality
76.2
Maintenance
100
Vulnerability
100
License
Releases
4
Languages
2
TypeScript
JavaScript
TypeScript (74.19%)
JavaScript (25.81%)
Developer
planttheidea
Download Statistics
Total Downloads
37,876,010
Last Day
12,604
Last Week
394,161
Last Month
1,695,335
Last Year
16,269,810
GitHub Statistics
MIT License
209 Stars
116 Commits
13 Forks
4 Watchers
9 Branches
4 Contributors
Updated on Jan 10, 2025
Bundle Size
4.74 kB
Minified
1.76 kB
Minified + Gzipped
Maintainers
1
Package Meta Information
Latest Version
6.0.0
Package Id
hash-it@6.0.0
Unpacked Size
145.32 kB
Size
21.81 kB
File Count
40
NPM Version
8.7.0
Node Version
16.14.2
Published on
Jan 09, 2023
Total Downloads
Cumulative downloads
Total Downloads
37,876,010
Last Day
28.2%
12,604
Compared to previous day
Last Week
-6.9%
394,161
Compared to previous week
Last Month
6.2%
1,695,335
Compared to previous month
Last Year
34.1%
16,269,810
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dev Dependencies
37
@faker-js/faker@rollup/plugin-commonjs@rollup/plugin-node-resolve@rollup/plugin-replace@rollup/plugin-terser@rollup/plugin-typescript@types/jest@types/react@types/react-dom@typescript-eslint/eslint-plugin@typescript-eslint/parserbenchmarkeslinteslint-friendly-formattereslint-webpack-pluginhash-objecthtml-webpack-pluginhuskyjestjest-environment-jsdomjest-expect-messagenode-object-hashobject-hashoraprop-typesreactreact-domrelease-itrimrafrollupts-jestts-loadertslibtypescriptwebpackwebpack-cliwebpack-dev-server
hash-it
Fast and consistent hashCode for any object type
Table of contents
Usage
1// ES2015 2import hash from 'hash-it'; 3 4// CommonJS 5const hash = require('hash-it'); 6 7// hash any standard object 8console.log(hash({ foo: 'bar' })); // 13729774857125 9 10// or a circular object 11console.log(hash(window)); // 3270731309314
Overview
hash-it has a simple goal: provide a fast, consistent, unique hashCode for any object type that is uniquely based on its values. This has a number of uses such as duplication prevention, equality comparisons, blockchain construction, etc.
Any object type?
Yes, any object type. Primitives, ES2015 classes like Symbol, DOM elements (yes, you can even hash the window object if you want). Any object type. Here is the list of object classes that produce consistent, unique hashes based on their value:
ArgumentsArrayArrayBufferAsyncFunction(based ontoString)AsyncGeneratorFunction(based ontoString)BigIntBigInt64ArrayBigUint64ArrayBooleanDataView(based on itsbuffer)Date(based ongetTime)DocumentFragment(based onouterHTMLof allchildren)Error(based onstack)- Includes all sub-types (e.g.,
TypeError,ReferenceError, etc.)
- Includes all sub-types (e.g.,
Event(based on all properties other thanEvent.timeStamp)- Includes all sub-types (e.g.,
MouseEvent,KeyboardEvent, etc.)
- Includes all sub-types (e.g.,
Float32ArrayFloat64ArrayFunction(based ontoString)GeneratorFunction(based ontoString)Int8ArrayInt16ArrayInt32ArrayHTMLElement(based onouterHTML)- Includes all sub-types (e.g.,
HTMLAnchorElement,HTMLDivElement, etc.)
- Includes all sub-types (e.g.,
Map(order-agnostic)NullNumberObject(handles circular objects, order-agnostic)ProxyRegExpSet(order-agnostic)SharedArrayBufferStringSVGElement(based onouterHTML)- Includes all sub-types (e.g.,
SVGRectElement,SVGPolygonElement, etc.)
- Includes all sub-types (e.g.,
Symbol(based ontoString)Uint8ArrayUint8ClampedArrayUint16ArrayUint32ArrayUndefinedWindow
Are there any exceptions?
Sadly, yes, there are a few scenarios where internal values cannot be introspected for the object. In this case, the object is hashed based on its class type and reference.
Promise- There is no way to obtain the values contained within due to its asynchronous nature
Generator(the result of calling aGeneratorFunction)- Like
Promise, there is no way to obtain the values contained within due to its dynamic iterable nature
- Like
WeakMap/WeakRef/WeakSet- The spec explicitly forbids iteration over them, so the unique values cannot be discovered
1const promise = Promise.resolve(123); 2 3console.log(hash(promise)); // 16843037491939 4console.log(hash(promise)); // 16843037491939 5console.log(hash(Promise.resolve(123))); // 4622327363876
If there is an object class or data type that is missing, please submit an issue.
Hash consistency
While the hashes will be consistent when calculated within the same environment, there is no guarantee that the resulting hash will be the same across different environments due to environment-specific or browser-specific implementations of features. This is limited to extreme edge cases, such as hashing the window object, but should be considered if being used with persistence over different environments.
Support
Browsers
- Chrome (all versions)
- Firefox (all versions)
- Edge (all versions)
- Opera 15+
- IE 9+
- Safari 6+
- iOS 8+
- Android 4+
Node
- 4+
Development
Clone the repo and dependencies via yarn. The npm scripts available:
benchmark=> run benchmark of various data typesbenchmark:compare=> run benchmark of some data types comparing against other hashing modulesbuild=> run rollup to build ESM, CJS, and UMD filesclean=> remove files produced frombuildscriptdev=> run webpack dev server to run example app / playgroundlint=> run ESLint against all files in thesrcfolderlint:fix=> runlintscript, automatically applying fixable changesprepublishOnly=> runtypecheck,lint,test, andbuildstart=> alias fordevscripttest=> run jest test functions withNODE_ENV=testtest:coverage=> runtestwith coverage checkertest:watch=> runtestwith persistent watchertypecheck=> runtscto validate internal typings
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
Found 1/5 approved changesets -- score normalized to 2
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 27 are checked with a SAST tool
Reason
32 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8
- Warn: Project is vulnerable to: GHSA-h5c3-5r3r-rr8q
- Warn: Project is vulnerable to: GHSA-rmvr-2pp2-xj38
- Warn: Project is vulnerable to: GHSA-xx4v-prfh-6cgc
- Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
- Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc
- Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
- Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
- Warn: Project is vulnerable to: GHSA-c7qv-q95q-8v27
- Warn: Project is vulnerable to: GHSA-4www-5p9h-95mh
- Warn: Project is vulnerable to: GHSA-9gqv-wp59-fq42
- Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
- Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
- Warn: Project is vulnerable to: GHSA-rhx6-c78j-4q9w
- Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
- Warn: Project is vulnerable to: GHSA-76p7-773f-r4q5
- Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
- Warn: Project is vulnerable to: GHSA-cchq-frgv-rjh5
- Warn: Project is vulnerable to: GHSA-g644-9gfx-q4q4
- Warn: Project is vulnerable to: GHSA-4vvj-4cpr-p986
- Warn: Project is vulnerable to: GHSA-wr3j-pwj9-hqq6
- Warn: Project is vulnerable to: GHSA-4v9v-hfq4-rm2v
- Warn: Project is vulnerable to: GHSA-9jgg-88mc-972h
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
Score
2.3
/10
Last Scanned on 2025-06-23
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More