![Malicious npm Package Typosquats react-login-page to Deploy Keylogger](https://cdn.sanity.io/images/cgdhsj6q/production/007b21d9cf9e03ae0bb3f577d1bd59b9d715645a-1024x1024.webp?w=400&fit=max&auto=format)
Research
Security News
Malicious npm Package Typosquats react-login-page to Deploy Keylogger
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
@cosmjs/utils
Advanced tools
Package description
@cosmjs/utils is a utility library for JavaScript and TypeScript that provides a collection of helper functions for common tasks. It is part of the CosmJS suite, which is designed to interact with the Cosmos SDK and other blockchain technologies. The utilities in this package help with data manipulation, encoding/decoding, and other common operations.
Data Manipulation
The `arrayContentEquals` function checks if two arrays have the same content. This is useful for comparing arrays without worrying about the order of elements.
const { arrayContentEquals } = require('@cosmjs/utils');
const array1 = [1, 2, 3];
const array2 = [1, 2, 3];
const array3 = [4, 5, 6];
console.log(arrayContentEquals(array1, array2)); // true
console.log(arrayContentEquals(array1, array3)); // false
Encoding/Decoding
The `toHex` and `fromHex` functions are used to convert data to and from hexadecimal strings. This is particularly useful for encoding binary data in a human-readable format.
const { toHex, fromHex } = require('@cosmjs/utils');
const data = new Uint8Array([1, 2, 3, 4]);
const hexString = toHex(data);
console.log(hexString); // '01020304'
const decodedData = fromHex(hexString);
console.log(decodedData); // Uint8Array [ 1, 2, 3, 4 ]
String Manipulation
The `assert` and `assertDefined` functions are used for validation. `assert` checks if a condition is true, while `assertDefined` ensures that a value is not undefined. These functions help in writing robust code by enforcing certain conditions.
const { assert, assertDefined } = require('@cosmjs/utils');
const value = 'Hello, World!';
assert(value.length > 0, 'Value should not be empty');
const definedValue = 'CosmJS';
assertDefined(definedValue, 'Value should be defined');
Lodash is a popular utility library that provides a wide range of functions for data manipulation, including array and object operations, string manipulation, and more. Compared to @cosmjs/utils, Lodash offers a broader set of utilities and is widely used in the JavaScript community.
Underscore is another utility library similar to Lodash, offering a variety of functions for data manipulation and functional programming. While it has a smaller footprint compared to Lodash, it provides many of the same functionalities. @cosmjs/utils is more specialized for blockchain-related tasks, whereas Underscore is more general-purpose.
Ramda is a functional programming library for JavaScript that emphasizes immutability and side-effect-free functions. It provides utilities for data manipulation, similar to @cosmjs/utils, but with a focus on functional programming paradigms. Ramda is ideal for developers who prefer a functional approach to coding.
Readme
FAQs
Unknown package
We found that @cosmjs/utils demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
Security News
The JavaScript community has launched the e18e initiative to improve ecosystem performance by cleaning up dependency trees, speeding up critical parts of the ecosystem, and documenting lighter alternatives to established tools.
Product
Socket now supports four distinct alert actions instead of the previous two, and alert triaging allows users to override the actions taken for all individual alerts.