Installations
npm install hash-itDeveloper Guide
Typescript
Yes
Module System
ESM, UMD
Node Version
16.14.2
NPM Version
8.7.0
Score
99.2
Supply Chain
100
Quality
76.2
Maintenance
100
Vulnerability
100
License
Releases
Contributors
Unable to fetch Contributors
Languages
TypeScript (74.19%)
JavaScript (25.81%)
Love this project? Help keep it running — sponsor us today! 🚀
Developer
planttheidea
Download Statistics
Total Downloads
31,279,433
Last Day
3,078
Last Week
3,078
Last Month
953,295
Last Year
14,124,124
GitHub Statistics
209 Stars
116 Commits
13 Forks
5 Watching
9 Branches
4 Contributors
Bundle Size
4.74 kB
Minified
1.76 kB
Minified + Gzipped
Maintainers
Package Meta Information
Latest Version
6.0.0
Package Id
hash-it@6.0.0
Unpacked Size
145.32 kB
Size
21.81 kB
File Count
40
NPM Version
8.7.0
Node Version
16.14.2
Publised On
09 Jan 2023
Total Downloads
Cumulative downloads
Total Downloads
31,279,433
Last day
0%
3,078
Compared to previous day
Last week
-98.6%
3,078
Compared to previous week
Last month
-4.6%
953,295
Compared to previous month
Last year
47.9%
14,124,124
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dev Dependencies
37
hash-it
Fast and consistent hashCode for any object type
Table of contents
Usage
1// ES2015 2import hash from 'hash-it'; 3 4// CommonJS 5const hash = require('hash-it'); 6 7// hash any standard object 8console.log(hash({ foo: 'bar' })); // 13729774857125 9 10// or a circular object 11console.log(hash(window)); // 3270731309314
Overview
hash-it has a simple goal: provide a fast, consistent, unique hashCode for any object type that is uniquely based on its values. This has a number of uses such as duplication prevention, equality comparisons, blockchain construction, etc.
Any object type?
Yes, any object type. Primitives, ES2015 classes like Symbol, DOM elements (yes, you can even hash the window object if you want). Any object type. Here is the list of object classes that produce consistent, unique hashes based on their value:
ArgumentsArrayArrayBufferAsyncFunction(based ontoString)AsyncGeneratorFunction(based ontoString)BigIntBigInt64ArrayBigUint64ArrayBooleanDataView(based on itsbuffer)Date(based ongetTime)DocumentFragment(based onouterHTMLof allchildren)Error(based onstack)- Includes all sub-types (e.g.,
TypeError,ReferenceError, etc.)
- Includes all sub-types (e.g.,
Event(based on all properties other thanEvent.timeStamp)- Includes all sub-types (e.g.,
MouseEvent,KeyboardEvent, etc.)
- Includes all sub-types (e.g.,
Float32ArrayFloat64ArrayFunction(based ontoString)GeneratorFunction(based ontoString)Int8ArrayInt16ArrayInt32ArrayHTMLElement(based onouterHTML)- Includes all sub-types (e.g.,
HTMLAnchorElement,HTMLDivElement, etc.)
- Includes all sub-types (e.g.,
Map(order-agnostic)NullNumberObject(handles circular objects, order-agnostic)ProxyRegExpSet(order-agnostic)SharedArrayBufferStringSVGElement(based onouterHTML)- Includes all sub-types (e.g.,
SVGRectElement,SVGPolygonElement, etc.)
- Includes all sub-types (e.g.,
Symbol(based ontoString)Uint8ArrayUint8ClampedArrayUint16ArrayUint32ArrayUndefinedWindow
Are there any exceptions?
Sadly, yes, there are a few scenarios where internal values cannot be introspected for the object. In this case, the object is hashed based on its class type and reference.
Promise- There is no way to obtain the values contained within due to its asynchronous nature
Generator(the result of calling aGeneratorFunction)- Like
Promise, there is no way to obtain the values contained within due to its dynamic iterable nature
- Like
WeakMap/WeakRef/WeakSet- The spec explicitly forbids iteration over them, so the unique values cannot be discovered
1const promise = Promise.resolve(123); 2 3console.log(hash(promise)); // 16843037491939 4console.log(hash(promise)); // 16843037491939 5console.log(hash(Promise.resolve(123))); // 4622327363876
If there is an object class or data type that is missing, please submit an issue.
Hash consistency
While the hashes will be consistent when calculated within the same environment, there is no guarantee that the resulting hash will be the same across different environments due to environment-specific or browser-specific implementations of features. This is limited to extreme edge cases, such as hashing the window object, but should be considered if being used with persistence over different environments.
Support
Browsers
- Chrome (all versions)
- Firefox (all versions)
- Edge (all versions)
- Opera 15+
- IE 9+
- Safari 6+
- iOS 8+
- Android 4+
Node
- 4+
Development
Clone the repo and dependencies via yarn. The npm scripts available:
benchmark=> run benchmark of various data typesbenchmark:compare=> run benchmark of some data types comparing against other hashing modulesbuild=> run rollup to build ESM, CJS, and UMD filesclean=> remove files produced frombuildscriptdev=> run webpack dev server to run example app / playgroundlint=> run ESLint against all files in thesrcfolderlint:fix=> runlintscript, automatically applying fixable changesprepublishOnly=> runtypecheck,lint,test, andbuildstart=> alias fordevscripttest=> run jest test functions withNODE_ENV=testtest:coverage=> runtestwith coverage checkertest:watch=> runtestwith persistent watchertypecheck=> runtscto validate internal typings
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
Found 1/5 approved changesets -- score normalized to 2
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 27 are checked with a SAST tool
Reason
22 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc
- Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
- Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
- Warn: Project is vulnerable to: GHSA-c7qv-q95q-8v27
- Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
- Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
- Warn: Project is vulnerable to: GHSA-rhx6-c78j-4q9w
- Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
- Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
- Warn: Project is vulnerable to: GHSA-cchq-frgv-rjh5
- Warn: Project is vulnerable to: GHSA-g644-9gfx-q4q4
- Warn: Project is vulnerable to: GHSA-4vvj-4cpr-p986
- Warn: Project is vulnerable to: GHSA-wr3j-pwj9-hqq6
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
Score
2.3
/10
Last Scanned on 2025-01-27
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn MoreOther packages similar to hash-it
@types/hash-it
Stub TypeScript definitions entry for hash-it, which provides its own types definitions
@monoblog/change-hash
Monoblog CLI that fetches the latest updated timestamp and makes it into a hash
@hashup-it/hashup-react-sdk
This is official HashUp protocol SDK for React. You can use it to make your own marketplace using our protocol.
hash-detectjs
detect-hash is a JavaScript module that allows you to detect the algorithm used to produce a hash. It works by matching the hash against a list of regular expressions and hash algorithms, and returns a list of possible algorithms that the hash could have