
Research
SANDWORM_MODE: Shai-Hulud-Style npm Worm Hijacks CI Workflows and Poisons AI Toolchains
An emerging npm supply chain attack that infects repos, steals CI secrets, and targets developer AI toolchains for further compromise.
@geostyler/xml2js
Advanced tools
This is a hard fork of https://github.com/Leonidas-from-XIV/node-xml2js with custom changes for our needs.
This fork is meant as a temporary replacement until we switch to something else that better fits our needs.
Please notice that this fork is not meant to be kept under active maintenance.
Simplest way to install xml2js is to use npm, just npm install @geostyler/xml2js which will download xml2js and all dependencies.
Head over to https://github.com/Leonidas-from-XIV/node-xml2js to get information about usage.
FAQs
Fork of xml2js lib with custom changes
The npm package @geostyler/xml2js receives a total of 2 weekly downloads. As such, @geostyler/xml2js popularity was classified as not popular.
We found that @geostyler/xml2js demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 10 open source maintainers collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Research
An emerging npm supply chain attack that infects repos, steals CI secrets, and targets developer AI toolchains for further compromise.

Company News
Socket is proud to join the OpenJS Foundation as a Silver Member, deepening our commitment to the long-term health and security of the JavaScript ecosystem.

Security News
npm now links to Socket's security analysis on every package page. Here's what you'll find when you click through.