Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Since the authors of the original package decided to stage their dumb protest that makes most of the community unable to access their package without vulnerabilities, I decided to make this project. It automatically takes a fresh version of SheetJS from their git repository, and publishes to npm if the version is different. The whole process is automated and works through Github Actions. https://github.com/e965/sheetjs-npm-publisher
The SheetJS Community Edition offers battle-tested open-source solutions for extracting useful data from almost any complex spreadsheet and generating new spreadsheets that will work with legacy and modern software alike.
SheetJS Pro offers solutions beyond data processing: Edit complex templates with ease; let out your inner Picasso with styling; make custom sheets with images/graphs/PivotTables; evaluate formula expressions and port calculations to web apps; automate common spreadsheet tasks, and much more!
https://oss.sheetjs.com/notes/: File Format Notes
ssf
: Format data using ECMA-376 spreadsheet format codes
xlsx-cli
: NodeJS command-line tool for processing files
cfb
: Container (OLE/ZIP) file
processing library
codepage
: Legacy text
encodings for XLS and other legacy spreadsheet formats
dta
: Stata DTA file processor
test_files
: Test files and various
plaintext baselines.
Please consult the attached LICENSE file for details. All rights not explicitly granted by the Apache 2.0 License are reserved by the Original Author.
FAQs
SheetJS Spreadsheet data parser and writer
The npm package @e965/xlsx receives a total of 32,480 weekly downloads. As such, @e965/xlsx popularity was classified as popular.
We found that @e965/xlsx demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.