Generated on Apr 16, 2024 via pnpm

Npm

Home

safer-buffer 2.1.2

Modern Buffer API polyfill without footguns

Package summary

issues

license

Package created

19 Mar 2018

Version published

8 Apr 2018

Maintainers

Total deps

Direct deps

License

MIT

Issues

Licenses

MIT License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

sublicense

private-use

Cannot

hold-liable

Must

include-copyright

include-license

1 Packages, Including:

safer-buffer@2.1.2

Direct Dependencies

All Dependencies CSV

ⓘ This is a list of safer-buffer 's direct dependencies. Data on all dependencies, including transitive ones, is available via CSV download.

Name	Version	Size	License	Type	Vulnerabilities

Tree

Treemap

Frequently Asked Questions

What does safer-buffer do?

The "safer-buffer" npm package acts as a polyfill for the modern Buffer API in JavaScript. It enhances the safety and reliability of the Buffer object across different Node.js versions, ranging from version 0.8 to the current version. Its main purpose is to help developers avoid some common JavaScript pitfalls, referred to as "footguns," which can lead to insecure or unexpected behavior in your code.

How do you use safer-buffer?

To utilize "safer-buffer" in your JavaScript project, you first need to replace all Buffer() and new Buffer() calls with Buffer.alloc() and Buffer.from(). This aligns your code with the newer and safer Buffer API. Then, you can include "safer-buffer" for compatibility with older Node.js versions (specifically versions less than 4.5.0 and 5.x less than 5.9.0). You do this by requiring the module and assigning it to Buffer as follows:

const Buffer = require('safer-buffer').Buffer;

For older versions of Node.js that don't support const, you can use var instead:

var Buffer = require('safer-buffer').Buffer;

You then use this Buffer in place of the traditional Node.js Buffer.

"safer-buffer" also provides a solution for developers who don't want errors to be thrown by the polyfill. You can require the module and assign it to a different variable instead of overriding the default Buffer. This allows for native Buffer usage while still providing access to the safer functions:

var SaferBuffer = require('safer-buffer').Buffer;

In this case, you will need to use SaferBuffer.from and SaferBuffer.alloc when you want to use the polyfilled functions.

Where are the safer-buffer docs?

The documentation for the "safer-buffer" package is available on GitHub at https://github.com/ChALkeR/safer-buffer. It includes a thorough README that provides an overview of the package, instructions on how to use it, comparison with other similar packages (like safe-buffer), and a porting guide to assist in migrating from the old Buffer API to the new one. Importantly, the documention emphasizes the package's goal of providing a safer and more secure Buffer API experience, and it contains valuable information on how to get the most out of the "safer-buffer" package while avoiding some of the risks inherent in JavaScript Buffer manipulation.