{"id":18240824,"url":"https://github.com/kawanet/sha256-uint8array","last_synced_at":"2025-09-08T18:38:19.922Z","repository":{"id":47775725,"uuid":"328307500","full_name":"kawanet/sha256-uint8array","owner":"kawanet","description":"Fast SHA-256 digest hash based on Uint8Array, pure JavaScript.","archived":false,"fork":false,"pushed_at":"2023-08-21T16:51:02.000Z","size":88,"stargazers_count":29,"open_issues_count":1,"forks_count":1,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-08-27T11:16:52.761Z","etag":null,"topics":["digest","hash","javascript","sha-256","sha256","typedarray"],"latest_commit_sha":null,"homepage":"","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/kawanet.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-01-10T05:04:22.000Z","updated_at":"2025-07-23T21:48:58.000Z","dependencies_parsed_at":"2024-06-18T17:12:02.482Z","dependency_job_id":null,"html_url":"https://github.com/kawanet/sha256-uint8array","commit_stats":{"total_commits":51,"total_committers":1,"mean_commits":51.0,"dds":0.0,"last_synced_commit":"a035f83824c319d01ca1e7559fdcf1632c0cd6c4"},"previous_names":[],"tags_count":3,"template":false,"template_full_name":null,"purl":"pkg:github/kawanet/sha256-uint8array","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kawanet%2Fsha256-uint8array","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kawanet%2Fsha256-uint8array/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kawanet%2Fsha256-uint8array/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kawanet%2Fsha256-uint8array/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/kawanet","download_url":"https://codeload.github.com/kawanet/sha256-uint8array/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kawanet%2Fsha256-uint8array/sbom","scorecard":{"id":552031,"data":{"date":"2025-08-11","repo":{"name":"github.com/kawanet/sha256-uint8array","commit":"a035f83824c319d01ca1e7559fdcf1632c0cd6c4"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3.4,"checks":[{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Code-Review","score":0,"reason":"Found 0/15 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/nodejs.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Info: Possibly incomplete results: error parsing shell code: \u003c must be followed by a word: Makefile:0","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nodejs.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/kawanet/sha256-uint8array/nodejs.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nodejs.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/kawanet/sha256-uint8array/nodejs.yml/main?enable=pin","Warn: npmCommand not pinned by hash: .github/workflows/nodejs.yml:18","Info:   0 out of   2 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   1 npmCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 18 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-20T11:08:38.376Z","repository_id":47775725,"created_at":"2025-08-20T11:08:38.376Z","updated_at":"2025-08-20T11:08:38.376Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":274229384,"owners_count":25245189,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-08T02:00:09.813Z","response_time":121,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["digest","hash","javascript","sha-256","sha256","typedarray"],"created_at":"2024-11-05T05:05:18.169Z","updated_at":"2025-09-08T18:38:19.878Z","avatar_url":"https://github.com/kawanet.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# sha256-uint8array\n\n[![Node.js CI](https://github.com/kawanet/sha256-uint8array/workflows/Node.js%20CI/badge.svg?branch=main)](https://github.com/kawanet/sha256-uint8array/actions/)\n[![npm version](https://img.shields.io/npm/v/sha256-uint8array)](https://www.npmjs.com/package/sha256-uint8array)\n[![minified size](https://img.shields.io/bundlephobia/min/sha256-uint8array)](https://cdn.jsdelivr.net/npm/sha256-uint8array/dist/sha256-uint8array.min.js)\n\nFast SHA-256 digest hash based on Uint8Array, pure JavaScript.\n\n## SYNOPSIS\n\n```js\nimport {createHash} from \"sha256-uint8array\";\n\nconst text = \"\";\nconst hex = createHash().update(text).digest(\"hex\");\n// =\u003e \"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855\"\n\nconst data = new Uint8Array(0);\nconst hash = createHash().update(data).digest();\n// =\u003e \u003cUint8Array e3 b0 c4 42 98 fc 1c 14 9a fb f4 c8 99 6f b9 24 27 ae 41 e4 64 9b 93 4c a4 95 99 1b 78 52 b8 55\u003e\n```\n\nSee TypeScript declaration\n[sha256-uint8array.d.ts](https://github.com/kawanet/sha256-uint8array/blob/main/types/sha256-uint8array.d.ts)\nfor detail.\n\n## CJS\n\nBoth ES Modules and CommonJS supported.\n\n```js\nconst {createHash} = require(\"sha256-uint8array\");\n```\n\n## COMPATIBILITY\n\nIt has a better compatibility with Node.js's `crypto` module in its smaller footprint.\n\n|module|string IN|Uint8Array IN|TypedArray IN|hex OUT|Uint8Array OUT|minified|\n|---|---|---|---|---|---|---|\n|[crypto](https://nodejs.org/api/crypto.html)|✅ OK|✅ OK|✅ OK|✅ OK|✅ OK|-|\n|[sha256-uint8array](http://github.com/kawanet/sha256-uint8array)|✅ OK|✅ OK|✅ OK|✅ OK|✅ OK|4KB|\n|[crypto-js](https://npmjs.com/package/crypto-js)|✅ OK|🚫 NO|🚫 NO|✅ OK|🚫 NO|109KB|\n|[jssha](https://npmjs.com/package/jssha)|✅ OK|✅ OK|🚫 NO|✅ OK|✅ OK|11KB|\n|[hash.js](https://www.npmjs.com/package/hash.js)|✅ OK|✅ OK|🚫 NO|✅ OK|✅ OK|17KB|\n|[sha.js](https://npmjs.com/package/sha.js)|✅ OK|✅ OK|🚫 NO|✅ OK|✅ OK|27KB|\n|[jshashes](https://npmjs.com/package/jshashes)|✅ OK|🚫 NO|🚫 NO|✅ OK|🚫 NO|23KB|\n|[create-hash](https://npmjs.com/package/create-hash)|✅ OK|✅ OK|🚫 NO|✅ OK|✅ OK|95KB|\n|[@aws-crypto/sha256-js](https://www.npmjs.com/package/@aws-crypto/sha256-js)|✅ OK|✅ OK|🚫 NO|🚫 NO|✅ OK|14KB|\n|[crypto.subtle.digest()](https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/digest)|🚫 NO|✅ OK|✅ OK|🚫 NO|🚫 NO|-|\n\nThe W3C standard `crypto.subtle.digest()` API has a different interface which\n[returns](https://github.com/microsoft/TypeScript/blob/master/lib/lib.dom.d.ts)\n`Promise\u003cArrayBuffer\u003e`.\n\n## SPEED\n\nIt runs well both on Node.js and browsers.\nNode.js's native `crypto` module definitely runs faster than any others on Node.js, though.\n\n|module|version|node.js V14|Chrome 87|Safari 14|\n|---|---|---|---|---|\n|[crypto](https://nodejs.org/api/crypto.html)|-|93ms 👍|N/A|N/A|\n|[sha256-uint8array](http://github.com/kawanet/sha256-uint8array)|0.10.0|286ms|488ms 👍|271ms 👍|\n|[crypto-js](https://npmjs.com/package/crypto-js)|4.0.0|809ms|935ms|912ms|\n|[jssha](https://npmjs.com/package/jssha)|3.2.0|869ms|943ms|974ms|\n|[hash.js](https://www.npmjs.com/package/hash.js)|1.1.7|642ms|712ms|1,570ms|\n|[sha.js](https://npmjs.com/package/sha.js)|2.4.11|353ms|806ms|3,615ms|\n|[jshashes](https://npmjs.com/package/jshashes)|1.0.8|1,395ms|2,344ms|1,103ms|\n\nThe benchmark above shows milliseconds for 20,000 times of\nSHA-256 `hex` hash digest generation for approx 1KB string as input.\nIt is tested on macOS 10.15.7 Intel Core i7 3.2GHz.\nYou could run the benchmark as below.\n\n```sh\ngit clone https://github.com/kawanet/sha256-uint8array.git\ncd sha256-uint8array\nnpm install\nnpm run build\n\n# run the benchmark on Node.js\nREPEAT=10000 ./node_modules/.bin/mocha test/99.benchmark.js\n\n# run tests and the benchmark on browser\nmake -C browser\nopen browser/test.html\n```\n\n## WEB BROWSERS\n\n- The minified build of the library is also available for Web browsers via\n[jsDelivr CDN](https://www.jsdelivr.com/package/npm/sha256-uint8array).\n- https://cdn.jsdelivr.net/npm/sha256-uint8array/dist/sha256-uint8array.min.js\n- Live Demo https://kawanet.github.io/sha256-uint8array/\n\n```html\n\u003cscript src=\"https://cdn.jsdelivr.net/npm/sha256-uint8array/dist/sha256-uint8array.min.js\"\u003e\u003c/script\u003e\n\u003cscript\u003e\n  const text = \"\";\n  const hex = SHA256.createHash().update(text).digest(\"hex\");\n  // =\u003e \"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855\"\n\n  const data = new Uint8Array(0);\n  const hash = SHA256.createHash().update(data).digest();\n  // =\u003e \u003cUint8Array e3 b0 c4 42 98 fc 1c 14 9a fb f4 c8 99 6f b9 24 27 ae 41 e4 64 9b 93 4c a4 95 99 1b 78 52 b8 55\u003e\n\u003c/script\u003e\n```\n\n## BROWSERIFY\n\nIt works great with\n[browserify](https://www.npmjs.com/package/browserify)\nvia `browser` property of `package.json` of your app if you needs\n`crypto.createHash(\"sha256\").update(data).digest(\"hex\");` syntax only.\n\n```json\n{\n  \"browser\": {\n    \"crypto\": \"sha256-uint8array/dist/sha256-uint8array.min.js\"\n  },\n  \"devDependencies\": {\n    \"browserify\": \"^17.0.0\",\n    \"sha256-uint8array\": \"^0.10.0\"\n  }\n}\n```\n\nIt costs only less than 4KB, whereas `browserify`'s default `crypto` polyfill\ncosts more than 300KB huge even after minified.\n\n```js\n// On Node.js, this loads Node.js's native crypto module which is faster.\n// On browsers, this uses sha256-uint8array.min.js which is small and fast.\nconst crypto = require(\"crypto\");\n\nconst hash = crypto.createHash(\"sha256\").update(\"\").digest(\"hex\");\n// =\u003e \"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855\"\n```\n\n## LINKS\n\n- https://www.npmjs.com/package/sha1-uint8array\n- https://www.npmjs.com/package/sha256-uint8array\n- https://github.com/kawanet/sha256-uint8array\n- https://github.com/kawanet/sha256-uint8array/blob/main/types/sha256-uint8array.d.ts\n\n## MIT LICENSE\n\nCopyright (c) 2020-2023 Yusuke Kawasaki\n\nPermission is hereby granted, free of charge, to any person obtaining a copy of this software and associated\ndocumentation files (the \"Software\"), to deal in the Software without restriction, including without limitation the\nrights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit\npersons to whom the Software is furnished to do so, subject to the following conditions:\n\nThe above copyright notice and this permission notice shall be included in all copies or substantial portions of the\nSoftware.\n\nTHE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE\nWARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR\nCOPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR\nOTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkawanet%2Fsha256-uint8array","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fkawanet%2Fsha256-uint8array","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkawanet%2Fsha256-uint8array/lists"}