Security News
pnpm 10.0.0 Blocks Lifecycle Scripts by Default
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
@hapi/pez is a streaming parser for multipart payloads, which is commonly used in handling file uploads in web applications. It is part of the hapi ecosystem and provides a robust solution for parsing multipart/form-data content types.
Multipart Parser
This code demonstrates how to use @hapi/pez to parse a multipart payload. The parser is configured with a boundary string and listens for 'part' events, which represent individual parts of the multipart payload. Each part is then piped to the standard output.
const Pez = require('@hapi/pez');
const internals = {};
internals.multipart = new Pez.Multipart({
boundary: '----WebKitFormBoundaryE19zNvXGzXaLvS5C'
});
internals.multipart.on('part', (part) => {
part.pipe(process.stdout);
});
internals.multipart.write('------WebKitFormBoundaryE19zNvXGzXaLvS5C\r\n');
internals.multipart.write('Content-Disposition: form-data; name="file"; filename="example.txt"\r\n');
internals.multipart.write('Content-Type: text/plain\r\n\r\n');
internals.multipart.write('Hello World\r\n');
internals.multipart.write('------WebKitFormBoundaryE19zNvXGzXaLvS5C--\r\n');
internals.multipart.end();
File Upload Handling
This example shows how to handle file uploads using @hapi/pez. Each part of the multipart payload is written to a file using a writable stream. The filename is extracted from the part's metadata.
const Pez = require('@hapi/pez');
const fs = require('fs');
const internals = {};
internals.multipart = new Pez.Multipart({
boundary: '----WebKitFormBoundaryE19zNvXGzXaLvS5C'
});
internals.multipart.on('part', (part) => {
const fileStream = fs.createWriteStream(part.filename);
part.pipe(fileStream);
});
internals.multipart.write('------WebKitFormBoundaryE19zNvXGzXaLvS5C\r\n');
internals.multipart.write('Content-Disposition: form-data; name="file"; filename="example.txt"\r\n');
internals.multipart.write('Content-Type: text/plain\r\n\r\n');
internals.multipart.write('Hello World\r\n');
internals.multipart.write('------WebKitFormBoundaryE19zNvXGzXaLvS5C--\r\n');
internals.multipart.end();
Busboy is a fast and low-level streaming parser for HTML form data, especially file uploads. It is similar to @hapi/pez in that it handles multipart/form-data, but it is often used with the express framework and provides a more minimalistic API.
Multer is a middleware for handling multipart/form-data, which is primarily used for uploading files. It is built on top of busboy and provides a higher-level API compared to @hapi/pez, making it easier to integrate with Express applications.
Formidable is a Node.js module for parsing form data, especially file uploads. It is similar to @hapi/pez in functionality but offers a more comprehensive API for handling various types of form data, including multipart and urlencoded forms.
FAQs
Multipart parser
The npm package @hapi/pez receives a total of 585,224 weekly downloads. As such, @hapi/pez popularity was classified as popular.
We found that @hapi/pez demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 7 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
Product
Socket now supports uv.lock files to ensure consistent, secure dependency resolution for Python projects and enhance supply chain security.
Research
Security News
Socket researchers have discovered multiple malicious npm packages targeting Solana private keys, abusing Gmail to exfiltrate the data and drain Solana wallets.