Security News
The Dark Side of Open Source
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
@adraffy/ens-normalize
Advanced tools
Readme
0-dependancy Ethereum Name Service (ENS) Name Normalizer.
28KB
— native NFC
via nf-native.js using String.normalize()
⚠️37KB
Default — custom NFC
via nf.js43KB
Everything! — custom NFC
+ sub-libraries: parts.js, utils.jsimport {ens_normalize} from '@adraffy/ens-normalize'; // or require()
// npm i @adraffy/ens-normalize
// browser: https://cdn.jsdelivr.net/npm/@adraffy/ens-normalize@latest/dist/index.min.mjs (or .cjs)
// *** ALL errors thrown by this library are safe to print ***
// - characters are shown as {HEX} if should_escape()
// - potentially different bidi directions inside "quotes"
// - 200E is used near "quotes" to prevent spillover
// - an "error type" can be extracted by slicing up to the first (:)
// - labels are middle-truncated with ellipsis (…) at 63 cps
// string -> string
// throws on invalid names
// output ready for namehash
let normalized = ens_normalize('RaFFY🚴♂️.eTh');
// => "raffy🚴♂.eth"
// note: does not enforce .eth registrar 3-character minimum
Format names with fully-qualified emoji:
// works like ens_normalize()
// output ready for display
let pretty = ens_beautify('1⃣2⃣.eth');
// => "1️⃣2️⃣.eth"
// note: normalization is unchanged:
// ens_normalize(ens_beautify(x)) == ens_normalize(x)
Normalize name fragments for substring search:
// these fragments fail ens_normalize()
// but will normalize fine as fragments
let frag1 = ens_normalize_fragment('AB--'); // expected error: label ext
let frag2 = ens_normalize_fragment('\u{303}'); // expected error: leading cm
let frag3 = ens_normalize_fragment('οо'); // expected error: mixture
Input-based tokenization:
// string -> Token[]
// never throws
let tokens = ens_tokenize('_R💩\u{FE0F}a\u{FE0F}\u{304}\u{AD}./');
// [
// { type: 'valid', cp: [ 95 ] }, // valid (as-is)
// {
// type: 'mapped',
// cp: 82, // input
// cps: [ 114 ] // output
// },
// {
// type: 'emoji',
// input: Emoji(2) [ 128169, 65039 ], // input
// emoji: [ 128169, 65039 ], // fully-qualified
// cps: Emoji(1) [ 128169 ] // output (normalized)
// },
// {
// type: 'nfc',
// input: [ 97, 772 ], // input (before nfc)
// tokens0: [ // tokens (before nfc)
// { type: 'valid', cps: [ 97 ] },
// { type: 'ignored', cp: 65039 },
// { type: 'valid', cps: [ 772 ] }
// ],
// cps: [ 257 ], // output (after nfc)
// tokens: [ // tokens (after nfc)
// { type: 'valid', cps: [ 257 ] }
// ]
// },
// { type: 'ignored', cp: 173 },
// { type: 'stop', cp: 46 },
// { type: 'disallowed', cp: 47 }
// ]
// note: if name is normalizable, then:
// ens_normalize(ens_tokenize(name).map(token => {
// ** convert valid/mapped/nfc/stop to string **
// }).join('')) == ens_normalize(name)
Output-based tokenization:
// string -> Label[]
// never throws
let labels = ens_split('💩Raffy.eth_');
// [
// {
// input: [ 128169, 82, 97, 102, 102, 121 ],
// offset: 0, // index of codepoint, not substring index!
// // (corresponding length can be inferred from input)
// tokens: [
// Emoji(2) [ 128169, 65039 ], // emoji
// [ 114, 97, 102, 102, 121 ] // nfc-text
// ],
// output: [ 128169, 114, 97, 102, 102, 121 ],
// emoji: true,
// type: 'Latin'
// },
// {
// input: [ 101, 116, 104, 95 ],
// offset: 7,
// tokens: [ [ 101, 116, 104, 95 ] ],
// output: [ 101, 116, 104, 95 ],
// error: Error('underscore allowed only at start')
// }
// ]
Generate a sorted array of (beautified) supported emoji codepoints:
// () -> number[][]
let emojis = ens_emoji();
// [
// [ 2764 ],
// [ 128169, 65039 ],
// [ 128105, 127997, 8205, 9877, 65039 ],
// ...
// ]
Determine if a character shouldn't be printed directly:
// number -> bool
should_escape(0x202E); // eg. RIGHT-TO-LEFT OVERRIDE => true
Determine if a character is a combining mark:
// number -> bool
is_combining_mark(0x20E3); // eg. COMBINING ENCLOSING KEYCAP => true
Format codepoints as print-safe string:
// number[] -> string
safe_str_from_cps([0x300, 0, 32, 97]); // "◌̀{00} a"
safe_str_from_cps(Array(100).fill(97), 4); // "aa…aa" => middle-truncated
git clone
this repo, then npm install
npm run derive
npm run make
— compress data files from /derive/output/
npm run validate
npm run test
— perform validation testsnpm run build
— create /dist/npm run rebuild
— run all the commands abovenpm run order
— create optimal group ordering and rebuild againThis project uses .js
instead of .mjs
so package.json uses type: module
. To avoid bundling issues, type
is dropped during packing. pre/post
hooks aren't used because they're buggy.
npm run pack
instead of npm pack
npm run pub
instead of npm publish
spec_hash
— SHA-256 of spec.json bytesbase64_ens_hash
— SHA-256 of include-ens.js base64 literalbase64_nf_hash
— SHA-256 of include-nf.js base64 literalFAQs
Ethereum Name Service (ENS) Name Normalizer
The npm package @adraffy/ens-normalize receives a total of 577,046 weekly downloads. As such, @adraffy/ens-normalize popularity was classified as popular.
We found that @adraffy/ens-normalize demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
Research
Security News
The Socket Research team found this npm package includes code for collecting sensitive developer information, including your operating system username, Git username, and Git email.
Security News
OpenJS is warning of social engineering takeovers targeting open source projects after receiving a credible attempt on the foundation.