node-md5 doesn't work with browserify
zeke opened this issue · 11 comments
md5('zeke@sikelianos.com')
// => TypeError: object is not a function
Use
var md5 = require('MD5');instead of
var md5 = require('md5');... as stated in the README.
The name clash regularly causes confusion, but there was a time when NPM allowed to register upper case as well as lower case names side by side.
I'm sorry for this. If you know how I can prevent new users from using the wrong module, please let me know.
It took me a while to find this module since I kept running into md5.
The existing md5 module seems like some random test/stub. Maybe @coolaj86 you could unpublish it, and @pvorb you could publish over it. Then you can decide whether you want to continue using MD5 or md5 as the main entry point (i.e. where one depends on the other). Alternatively you could just deprecate one with details pointing to the correct module in the readme.
There are very practical reasons to not use md5.
In addition, it has been deprecated and is not being included in newer
crypto libraries.
I would strongly recommend using sha1 or sha256 instead.
I probably reserved it and never did anything with it because it already
exists in node.
That said, I've added pvorb https://github.com/pvorb as an owner of md5
on npm.
AJ ONeal
(317) 426-6525
On Wed, Jul 15, 2015 at 12:36 PM, Matt DesLauriers <notifications@github.com
wrote:
It took me a while to find this module since I kept running into md5
https://www.npmjs.com/package/md5.The existing md5 module seems like some random test/stub. Maybe @coolaj86
https://github.com/coolaj86 you could unpublish it, and @pvorb
https://github.com/pvorb you could publish over it. Then you can decide
whether you want to continue using MD5 or md5 as the main entry point
(i.e. where one depends on the other). Alternatively you could just
deprecate one with details pointing to the correct module in the readme.—
Reply to this email directly or view it on GitHub
#5 (comment).
I would strongly recommend using sha1 or sha256 instead.
Yep, that's right. But there still are some use cases where you want to use MD5 (most likely for compatibility reasons, e.g. Gravatar).
That said, I've added pvorb https://github.com/pvorb as an owner of md5 on npm.
So what should we do now? In my opinion, a sane plan would be to entirely drop one of the packages on npm and replace it by MD5. If you agree with me, I'll try to figure out if that's even possible.
I think the best course of action would be to artificially bump your
version to 2.0.0 on lowercase md5, deprecate the uppercase MD5 with a
version 1.1.0, and keep both modules up for backwards compat.
AJ ONeal
(317) 426-6525
On Wed, Jul 15, 2015 at 1:04 PM, Paul Vorbach notifications@github.com
wrote:
@coolaj86 https://github.com/coolaj86
I would strongly recommend using sha1 or sha256 instead.
Yep, that's right. But there still are some use cases where you want to
use MD5 (most likely for compatibility reasons, e.g. Gravatar).That said, I've added pvorb https://github.com/pvorb as an owner of md5
on npm.So what should we do now? In my opinion, a sane plan would be to entirely
drop one of the packages on npm and replace it by MD5. If you agree with
me, I'll try to figure out if that's even possible.—
Reply to this email directly or view it on GitHub
#5 (comment).
If you agree with me, I'll try to figure out if that's even possible.
I would strongly recommend using sha1 or sha256 instead.
Sure, it can be added as a note, but it is still useful to have a MD5 function on npm.
@coolaj86 That sounds good.
Replacing md5 completely with MD5 would have the benefit of being able to still use var md5 = require('MD5'); as well as var md5 = require('md5');. So the code of MD5's dependents wouldn't need to change. On the other hand, there still are packages depending on old versions of md5 and MD5. Those should also be supported.
@coolaj86 https://github.com/coolaj86 That sounds good.
Replacing md5 completely with MD5 would have the benefit of being able to
still use var md5 = require('MD5'); as well as var md5 = require('md5');.
So the code of MD5's dependents wouldn't need to change. On the other hand,
there still are packages depending on old versions of md5 and MD5. Those
should also be supported.Yeah, so just bumping the major version as a "warning, this might be a
breaking change for you" and adding a deprecation notice (there's an npm
commandline option for that) should be suitable.
It's probably possible to add a little shim that would make it backwards
compatible in most cases too. But if you bump it to 2.0.0, I'd say don't
worry about a shim - just let my old version break and die.
The key being "add", not "replace" nor "delete".
- MD5 1.2.2 -> 1.3.0 with "deprecated, use lowercase 'md5@2.x' from now on"
- md5 1.0.0 -> 2.0.0 (with or without shim)
The deed is done.
$ npm view md5
{ name: 'md5',
description: 'js function for hashing messages with MD5',
'dist-tags': { latest: '2.0.0' },
versions: [ '1.0.0', '1.0.1', '2.0.0' ],
maintainers: [ 'coolaj86 <coolaj86@gmail.com>', 'pvorb <paul@vorba.ch>' ],
time:
{ modified: '2015-07-15T21:33:44.776Z',
created: '2011-08-27T21:25:23.732Z',
'1.0.0': '2012-05-13T00:00:30.935Z',
'1.0.1': '2012-05-13T00:00:11.449Z',
'2.0.0': '2015-07-15T21:33:44.776Z' },
author: 'Paul Vorbach <paul@vorba.ch> (http://paul.vorba.ch)',
repository: { type: 'git', url: 'git://github.com/pvorb/node-md5.git' },
users: { haeck: true, samhou1988: true },
homepage: 'https://github.com/pvorb/node-md5#readme',
readmeFilename: 'README.md',
contributors: 'salba',
bugs: { url: 'https://github.com/pvorb/node-md5/issues' },
license: 'BSD-3-Clause',
tags: [ 'md5', 'hash', 'encryption', 'message digest' ],
version: '2.0.0',
main: 'md5.js',
scripts: { test: 'mocha' },
dependencies: { charenc: '~ 0.0.1', crypt: '~ 0.0.1', 'is-buffer': '~ 1.0.2' },
devDependencies: { mocha: '~ 1.4.2' },
optionalDependencies: {},
gitHead: 'c018e8932d0fbb2a200a540a055da487f4f9c150',
dist:
{ shasum: '75e392e0ebd5a9b88dc7cb7a93875137b87c8a33',
tarball: 'http://registry.npmjs.org/md5/-/md5-2.0.0.tgz' },
directories: {} }$ npm view MD5
{ name: 'MD5',
description: 'native js function for hashing messages with MD5 (deprecated, use lowercase md5@>=2.x from now on)',
'dist-tags': { stable: '1.0.0', latest: '1.3.0' },
versions:
[ '0.0.0',
'1.0.0',
'1.0.1',
'1.0.2',
'1.0.3',
'1.1.0',
'1.2.0',
'1.2.1',
'1.2.2',
'1.3.0' ],
maintainers: 'pvorb <paul@vorb.de>',
time:
{ modified: '2015-07-15T21:39:04.054Z',
created: '2011-11-25T02:59:35.402Z',
'0.0.0': '2011-11-25T02:59:38.617Z',
'1.0.0': '2012-06-18T09:36:25.690Z',
'1.0.1': '2012-09-11T08:16:17.207Z',
'1.0.2': '2012-11-25T12:00:29.943Z',
'1.0.3': '2012-11-25T12:47:30.470Z',
'1.1.0': '2013-07-11T19:09:28.438Z',
'1.2.0': '2013-11-21T18:13:15.045Z',
'1.2.1': '2014-04-05T09:10:01.649Z',
'1.2.2': '2015-05-19T18:50:09.803Z',
'1.3.0': '2015-07-15T21:37:45.247Z' },
author: 'Paul Vorbach <paul@vorb.de> (http://vorb.de)',
repository: { type: 'git', url: 'git://github.com/pvorb/node-md5.git' },
homepage: 'https://github.com/pvorb/node-md5#readme',
contributors: 'salba',
bugs: { url: 'https://github.com/pvorb/node-md5/issues' },
readmeFilename: 'README.md',
users:
{ 'shen-weizhong': true,
tmypawa: true,
yourhoneysky: true,
csbun: true,
ernie55ernie: true,
andriecool: true,
ronnykj: true },
license: 'BSD-3-Clause',
tags: [ 'md5', 'hash', 'encryption', 'native', 'message digest' ],
version: '1.3.0',
main: 'md5.js',
scripts: { test: 'mocha' },
engines: { node: '*' },
dependencies: { charenc: '>= 0.0.1', crypt: '>= 0.0.1' },
devDependencies: { mocha: '~ 1.4.2' },
optionalDependencies: {},
gitHead: '01663ccb3b365cd347e959878c2d9deb009d1a86',
dist:
{ shasum: '3cc266f0e89abb6b43a50f39a459df5bfde0b240',
tarball: 'http://registry.npmjs.org/MD5/-/MD5-1.3.0.tgz' },
deprecated: 'deprecated, use lowercase \'md5@2.x\' from now on',
directories: {} }