npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2025 – Pkg Stats / Ryan Hefner

hashon

v2.2.8

Published

Encrypt, decrypt and hash JSON data with AES and SHA — made for secure local files and syncing.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

felixlindfelixlind

Keywords

jsonencrypthashsecurecryptoaessha512localdatafilesystem

Readme

# hashon

![npm version](https://img.shields.io/npm/v/hashon.svg)  
![npm downloads](https://img.shields.io/npm/dm/hashon.svg)  
![license](https://img.shields.io/npm/l/hashon.svg?cacheBust=1)  

A simple Node.js library for automatically encrypting, decrypting, and hashing JSON data using CryptoJS.

---

## Installation

```bash
npm install hashon

Usage (async/await)

Use the async API to automatically keep encrypted .sec.json files in sync with your plaintext .json files.

Example usage with Express:

const express = require('express');
const fs = require('fs').promises;
const path = require('path');
const { decrypt, autoEncryptIfChanged } = require('hashon');
require('dotenv').config();

const app = express();
const port = 3001;

// 🔹 Ensure SECRET_KEY is provided
const SECRET_KEY = process.env.SECRET_KEY;
if (!SECRET_KEY) {
  console.error("❌ SECRET_KEY missing in .env file. Please add it for encryption/decryption.");
  process.exit(1);
}

const dataPath = path.join(__dirname, 'data', 'data.json');
const securePath = dataPath.replace(/\.json$/, '.sec.json');

// Automatically encrypt and sync .sec.json file on startup
autoEncryptIfChanged(dataPath, SECRET_KEY).catch(console.error);

// Serve plaintext JSON
app.get('/api/data', async (req, res) => {
  try {
    const raw = await fs.readFile(dataPath, 'utf-8');
    res.type('application/json').send(raw);
  } catch {
    res.status(500).json({ error: 'Could not read file' });
  }
});

// Serve decrypted JSON from encrypted file
app.get('/api/secure-data', async (req, res) => {
  try {
    const encrypted = await fs.readFile(securePath, 'utf-8');
    const json = decrypt(encrypted, SECRET_KEY);
    res.json(json);
  } catch (err) {
    console.error('[server] Decryption error:', err);
    res.status(500).json({ error: 'Decryption failed or file missing' });
  }
});

app.listen(port, () => {
  console.log(`[server] Listening on http://localhost:${port}`);
});

How It Works

  • You edit data.json as normal.
  • hashon detects changes and automatically updates data.sec.json asynchronously.
  • This ensures your encrypted data is always up to date without blocking your app.

About data.json and data.sec.json

  • data.json is your editable, plaintext JSON file.
  • data.sec.json is the AES-encrypted counterpart automatically managed by hashon.

Features

  • 🔐 AES encryption with optional secret key.
  • 🔒 SHA-512 hashing with $HASH$ prefix tagging.
  • ⚙️ Async, non-blocking file encryption and syncing.
  • 🧩 Easy integration in any Node.js or Express application.

Setting the Secret Key

Create a .env file in your project root:

SECRET_KEY=your_very_secret_password

If not set, a default insecure fallback key is used (do not use this in production).

⚠️ Always set a secure SECRET_KEY for production environments.

License

MIT

Changelog

See CHANGELOG.md for details on recent changes and releases.

Contributions

Feel free to open issues or submit pull requests on GitHub!

https://github.com/FelixLind1

Made by Felix Lind