Home
Docs
GitHub
Pricing
Blog
Log In

Run Sandworm Audit for your App

Get started
Hold on, we're currently generating a fresh version of this report
Generated on Apr 16, 2024 via pnpm

safer-buffer 2.1.2

Modern Buffer API polyfill without footguns
Package summary
Share
0
issues
1
license
1
MIT
Package created
19 Mar 2018
Version published
8 Apr 2018
Maintainers
1
Total deps
1
Direct deps
0
License
MIT

Issues

0
This package has no issues

Licenses

MIT License

Permissive
OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
commercial-use
modify
distribute
sublicense
private-use
Cannot
hold-liable
Must
include-copyright
include-license
1 Packages, Including:
safer-buffer@2.1.2
Disclaimer

This deed highlights only some of the key features and terms of the actual license. It is not a license and has no legal value. You should carefully review all of the terms and conditions of the actual license before using the licensed material.

Sandworm is not a law firm and does not provide legal services. Distributing, displaying, or linking to this deed or the license that it summarizes does not create a lawyer-client or any other relationship.

Direct Dependencies

0
All Dependencies CSV
β“˜ This is a list of safer-buffer 's direct dependencies. Data on all dependencies, including transitive ones, is available via CSV download.
NameVersionSizeLicenseTypeVulnerabilities

Visualizations

Frequently Asked Questions

What does safer-buffer do?

The "safer-buffer" npm package acts as a polyfill for the modern Buffer API in JavaScript. It enhances the safety and reliability of the Buffer object across different Node.js versions, ranging from version 0.8 to the current version. Its main purpose is to help developers avoid some common JavaScript pitfalls, referred to as "footguns," which can lead to insecure or unexpected behavior in your code.

How do you use safer-buffer?

To utilize "safer-buffer" in your JavaScript project, you first need to replace all Buffer() and new Buffer() calls with Buffer.alloc() and Buffer.from(). This aligns your code with the newer and safer Buffer API. Then, you can include "safer-buffer" for compatibility with older Node.js versions (specifically versions less than 4.5.0 and 5.x less than 5.9.0). You do this by requiring the module and assigning it to Buffer as follows:

const Buffer = require('safer-buffer').Buffer;

For older versions of Node.js that don't support const, you can use var instead:

var Buffer = require('safer-buffer').Buffer;

You then use this Buffer in place of the traditional Node.js Buffer.

"safer-buffer" also provides a solution for developers who don't want errors to be thrown by the polyfill. You can require the module and assign it to a different variable instead of overriding the default Buffer. This allows for native Buffer usage while still providing access to the safer functions:

var SaferBuffer = require('safer-buffer').Buffer;

In this case, you will need to use SaferBuffer.from and SaferBuffer.alloc when you want to use the polyfilled functions.

Where are the safer-buffer docs?

The documentation for the "safer-buffer" package is available on GitHub at https://github.com/ChALkeR/safer-buffer. It includes a thorough README that provides an overview of the package, instructions on how to use it, comparison with other similar packages (like safe-buffer), and a porting guide to assist in migrating from the old Buffer API to the new one. Importantly, the documention emphasizes the package's goal of providing a safer and more secure Buffer API experience, and it contains valuable information on how to get the most out of the "safer-buffer" package while avoiding some of the risks inherent in JavaScript Buffer manipulation.