1.0.0 • Published 3 years ago

@monolithed/sri v1.0.0

Weekly downloads
-
License
MIT
Repository
github
Last release
3 years ago

@monolithed/sri

Build Status License

A Subresource Integrity (SRI) generator.

Installation

Install with npm or Yarn:

npm:

npm install @monolithed/sri --save

Yarn:

yarn add @monolithed/sri

Synopsis

generate(file: string, {algorithm: string}): Promise<string>;

Basic usage

import {generate} from '@monolithed/sri';

generate('file.js')
    .then((integrity) => {
            // sha512-z4PhNX7vuL3xVChQ1m2AB9Yg5AULVxXcg/SpIdNs6c5H0NE8XYXysP+DGNKHfuwvY7kxvUdBeoGlODJ6+SfaPg==
    })
    .catch((error) => {
        console.error(error);
    });

Weak signature algorithms like 'md5', 'sha1' or 'des' are not allowed.

API

algorithm

Response verification algorithms:

import {generate} from '@monolithed/sri';

await generate('file.js', {algorithm: 'sha256'})
// sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=

Contributing

Feel free to submit a pull request if you find any bugs. Please make sure all commits are properly documented.

Tests

npm test

Publishing

npm publish --access public --verbose

License

MIT