Research
Security News
Malicious npm Package Typosquats react-login-page to Deploy Keylogger
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
@aws-sdk/util-utf8-node
Advanced tools
Package description
The @aws-sdk/util-utf8-node package is designed for encoding and decoding UTF-8 content specifically in Node.js environments. It provides utilities to convert strings to UTF-8 byte arrays and vice versa, which is particularly useful when working with AWS SDKs that require such transformations for handling text in various AWS services.
UTF-8 Encoding
Converts a JavaScript string to a UTF-8 encoded byte array. This is useful for preparing data for transmission or storage in formats that require UTF-8 encoding.
"const { fromUtf8 } = require('@aws-sdk/util-utf8-node');
const utf8EncodedString = fromUtf8('Hello World');"
UTF-8 Decoding
Converts a UTF-8 encoded byte array back into a JavaScript string. This is useful for reading data that was stored or transmitted as UTF-8 encoded bytes.
"const { toUtf8 } = require('@aws-sdk/util-utf8-node');
const decodedString = toUtf8(utf8EncodedString);"
The 'text-encoding' package provides a polyfill for the Encoding Living Standard's API, offering broader encoding and decoding capabilities beyond UTF-8, including legacy encodings. It's more versatile than @aws-sdk/util-utf8-node but might be overkill for applications only needing UTF-8 support.
This package offers conversion between various character encodings, including UTF-8, in Node.js. Unlike @aws-sdk/util-utf8-node, which is focused on UTF-8 and designed for AWS SDK usage, iconv-lite supports a wide range of encodings, making it suitable for applications requiring conversion between various character sets.
Changelog
Readme
FAQs
Unknown package
The npm package @aws-sdk/util-utf8-node receives a total of 1,438,350 weekly downloads. As such, @aws-sdk/util-utf8-node popularity was classified as popular.
We found that @aws-sdk/util-utf8-node demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
Security News
The JavaScript community has launched the e18e initiative to improve ecosystem performance by cleaning up dependency trees, speeding up critical parts of the ecosystem, and documenting lighter alternatives to established tools.
Product
Socket now supports four distinct alert actions instead of the previous two, and alert triaging allows users to override the actions taken for all individual alerts.