Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
@expo/plist
Advanced tools
Mac OS X Plist parser/builder for Node.js and browsers
@expo/plist is a utility library for parsing and building property list (plist) files, which are commonly used in macOS and iOS applications for configuration. This package allows you to easily read, write, and manipulate plist files in both XML and binary formats.
Parsing XML Plist
This feature allows you to parse an XML plist string into a JavaScript object. The example demonstrates parsing a simple XML plist string containing a dictionary with one key-value pair.
const plist = require('@expo/plist');
const xml = '<plist version="1.0"><dict><key>foo</key><string>bar</string></dict></plist>';
const parsed = plist.parse(xml);
console.log(parsed); // { foo: 'bar' }
Building XML Plist
This feature allows you to build an XML plist string from a JavaScript object. The example demonstrates converting a simple JavaScript object into an XML plist string.
const plist = require('@expo/plist');
const obj = { foo: 'bar' };
const xml = plist.build(obj);
console.log(xml); // <plist version="1.0"><dict><key>foo</key><string>bar</string></dict></plist>
Parsing Binary Plist
This feature allows you to parse a binary plist file into a JavaScript object. The example demonstrates reading a binary plist file from the filesystem and parsing it.
const plist = require('@expo/plist');
const fs = require('fs');
const buffer = fs.readFileSync('example.plist');
const parsed = plist.parse(buffer);
console.log(parsed);
Building Binary Plist
This feature allows you to build a binary plist file from a JavaScript object. The example demonstrates converting a simple JavaScript object into a binary plist file and writing it to the filesystem.
const plist = require('@expo/plist');
const fs = require('fs');
const obj = { foo: 'bar' };
const buffer = plist.build(obj, { format: 'binary' });
fs.writeFileSync('example.plist', buffer);
The 'plist' package is a popular alternative for parsing and building plist files. It supports both XML and binary formats and offers similar functionality to @expo/plist. However, @expo/plist is specifically tailored for use with Expo projects, making it a better choice for developers working within the Expo ecosystem.
The 'simple-plist' package provides a straightforward API for reading and writing plist files. It focuses on simplicity and ease of use, making it a good choice for developers who need basic plist functionality without the additional features provided by @expo/plist.
The 'bplist-parser' package is specialized for parsing binary plist files. It is a lightweight and efficient option for developers who only need to work with binary plists. In contrast, @expo/plist offers a more comprehensive solution with support for both XML and binary formats.
@expo/plist
A macOS Plist parser/builder for Node.js and browsers.
Forked from this repo.
FAQs
Mac OS X Plist parser/builder for Node.js and browsers
The npm package @expo/plist receives a total of 1,095,715 weekly downloads. As such, @expo/plist popularity was classified as popular.
We found that @expo/plist demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 27 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.