Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@designbycosmic/cosmic-unwidower
Advanced tools
Utilities for removing widows.
Import unWidower or unWidower.unWidowerClient from this package to remove widows client side, or pass html through unWidowerTextOnly to remove directly.
All functions use the same config settings:
{
minWords: 4,
// for three word widow removal, all words must be at most this long
maxLastWordLength: 9,
maxPenultWordLength: 4,
maxAntepenultWordLength: 5,
// for two word widow removal, all words must be at most this long
maxLastWordLengthTwo: 13,
maxPenultWordLengthTwo: 11,
}
Use this to process client-side. Inexpensive and small, but still costs something.
config
Object see config object aboveUsing the default export.
import unWidower from "cosmic-unwidower";
const config = {
minWords: 4,
maxLastWordLength: 9, // defaults for three-word widow breaker
maxPenultWordLength: 4, // defaults for three-word widow breaker
maxAntepenultWordLength: 5, // defaults for three-word widow-breaker
maxLastWordLengthTwo: 13, // defaults for two-word widow-breaker
maxPenultWordLengthTwo: 11, // defaults for two-word widow-breaker
};
unWidower(config);
This will when the component is rendered with some parameters set.
import React, {useEffect} from "react";
import { unWidowerClient } from "cosmic-unwidower";
export default () => {
const config = {
minWords: 4,
maxLastWordLength: 9, // defaults for three-word widow breaker
maxPenultWordLength: 4, // defaults for three-word widow breaker
maxAntepenultWordLength: 5, // defaults for three-word widow-breaker
maxLastWordLengthTwo: 13, // defaults for two-word widow-breaker
maxPenultWordLengthTwo: 11, // defaults for two-word widow-breaker
};
useEffect(() => {
unWidowerClient(config);
}, []);
...
}
Use this to process in a function independent of client, useful for SSR.
html
a string of html codeconfig
Object see config object aboveThis creates a component that returns a div containing unWidowed html, independent of client, useful for SSR.
import React from "react";
import { unWidowerHtmlString } from "cosmic-unwidower";
export default (html) => {
const config = {
minWords: 4,
maxLastWordLength: 9, // defaults for three-word widow breaker
maxPenultWordLength: 4, // defaults for three-word widow breaker
maxAntepenultWordLength: 5, // defaults for three-word widow-breaker
maxLastWordLengthTwo: 13, // defaults for two-word widow-breaker
maxPenultWordLengthTwo: 11, // defaults for two-word widow-breaker
};
const content = unWidowerHtmlString(html, config);
return <div dangerouslySetInnerHTML={{__html: content}} />;
}
Use this to process a single string of text in a function independent of client, useful for SSR.
text
a text stringconfig
Object see config object aboveThis creates a component that returns a div containing an unWidowed text string.
import React from "react";
import { unWidowerClientText } from "cosmic-unwidower";
export default ({text}) => {
const config = {
minWords: 4,
maxLastWordLength: 9, // defaults for three-word widow breaker
maxPenultWordLength: 4, // defaults for three-word widow breaker
maxAntepenultWordLength: 5, // defaults for three-word widow-breaker
maxLastWordLengthTwo: 13, // defaults for two-word widow-breaker
maxPenultWordLengthTwo: 11, // defaults for two-word widow-breaker
};
const content = unWidowerText(text, config);
return <p>{content}</p>;
}
Use this to process children of a component. It iterates through children until it finds strings and then unwidows them.
Note: This is best used as low-level as possible. While it's relatively inexpensive to iterate through children, it can get expensive if iterating through too many.
children
is a node of React childrenconfig
Object see config object aboveimport React from "react";
import { UnWidowerReactChildren } from "cosmic-unwidower";
export default ({children}) => {
const config = {
minWords: 4,
maxLastWordLength: 9, // defaults for three-word widow breaker
maxPenultWordLength: 4, // defaults for three-word widow breaker
maxAntepenultWordLength: 5, // defaults for three-word widow-breaker
maxLastWordLengthTwo: 13, // defaults for two-word widow-breaker
maxPenultWordLengthTwo: 11, // defaults for two-word widow-breaker
};
return <UnWidowerReactChildren config={config}>{children}</UnWidowerReactChildren>;
}
FAQs
Utilities for removing widows from text
We found that @designbycosmic/cosmic-unwidower demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.