Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@funboxteam/diamonds
Advanced tools
This is a set of helpers that we use in the current projects and will probably use in the future ones.
All helpers are independent of each other, which means that your project's bundle won't be bloated by useless code.
When developers create projects they use a lot of small functions that are not connected to the project itself.
Usually such functions are stored in folders like utils
or helpers
.
To prevent copy-pasting between a huge amount of projects we've created this package.
These functions are not aimed to be absolutely safe to unexpected usage. They do exactly what they say they do, and nothing else.
Add the package to deps:
npm install --save @funboxteam/diamonds
Import functions:
import { getUniqueId } from '@funboxteam/diamonds';
It's easier to check every helper's source code rather than reading docs. But if you want some, here they are.
Converts Base64 string to a Uint8Array.
The first function disables scroll on the current page with the possibility to save the current scrolled position, the second one enables the scroll and restores its position if it was saved.
It's useful when you want to disable scroll e.g. while opening sidebar and enable it while closing.
Converts camelCase string into kebab-case.
Change the passed strings's first letter case to upper.
Returns passed params as string with color tags inside.
It's useful when you want to colorize logs in terminal.
Converts cookie string (usually, the one you get from document.cookie
) into an object.
Converts DataURI string into Blob instance.
It's useful when you need to send an image from online editor to the server.
Returns a debounced function that delays invoking callback until passed seconds have elapsed since the last time the debounced function was invoked.
It's useful when you have to handle flow of events but want to fire callback after the flow finishes.
Returns deep clone of the passed object. Does not work with circular links.
It's useful when you need to deeply clone an object. Object.assign
does not work in this case,
because it creates a shadow copy.
Deeply compares passed params.
Returns the value of the last element in the provided array that satisfies the provided testing function.
Otherwise undefined
.
Converts size in bytes to KB, MB, GB, etc.
Formats a number (or a string with a number inside) using the passed format.
It's useful when you need to format, let's say, the cost of something.
Formats a number (or a string with a number inside) by the mask of Russian MSISDNs.
Returns browser scrollbar width.
Returns displayName for React HOC.
Extracts orientation from the passed images EXIF.
Example:
getImageOrientation.call(this, image, orientation => {
let rotate;
switch (orientation) {
case 8:
rotate = 270;
break;
case 6:
rotate = 90;
break;
case 3:
rotate = 180;
break;
default:
rotate = 0;
}
this.setState({ rotate });
});
Gets the value at path of object.
It's useful when you have to work with highly nested objects and don't want to write long conditionals.
getObjectPath(obj, 'key1.key2.key3')
and the work is done.
Picks and returns a correct unit name for the passed number (according to Russian lang rules).
It's useful when it's important to pick correct unit name. E.g. “1 day”, “2 days”, etc.
Returns pseudorandom number from the passed range.
Returns a string generated by the pattern prefix-number
where prefix is the passed param,
but number is unique.
It's useful when you need a unique string that can be namespaced. E.g. for generating unique IDs for DOM elements.
Converts HEX color string to RGB object.
Returns true
when the passed DOM node is visible in the viewport
(fully or partially depending on the params).
Returns true
when the passed string is a valid email.
Checks browser support of the passed type
attribute value for input
tag.
It's useful when you deal with old browsers.
Returns true
when UA is similar to mobile.
It is useful when you don't need a precise check (the checks that are used inside the script are quite simple).
Converts kebab-case string into camelCase.
Converts the passed object which contains primitive values or arrays of primitive values into the query string.
Returns shallow copy of the passed object but without the passed keys.
E.g. in React: omit(this.props, 'mods', 'mix')
.
Returns shallow copy of the passed object but with the passed keys only.
Converts query-string into object.
Transforms RBG color object into HEX string.
Makes it possible to use localStorage
safely.
Transforms the passed callback into the function that delays callback firing.
It's useful when you want to react on some events but no than once an N ms.
Cute picture for the project was made by Igor Garybaldi.
8.4.1 (31.08.2022)
Fixed export of cookieStringToObject -_-"
FAQs
A shiny pile of typed JS helpers for everyday use
The npm package @funboxteam/diamonds receives a total of 277 weekly downloads. As such, @funboxteam/diamonds popularity was classified as not popular.
We found that @funboxteam/diamonds demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.