Research
Two Malicious Rust Crates Impersonate Popular Logger to Steal Wallet Keys
Socket uncovers malicious Rust crates impersonating fast_log to steal Solana and Ethereum wallet keys from source code.
By Kirill Boychenko - Sep 24, 2025
@img/sharp-libvips-darwin-x64
Advanced tools
@img/sharp-libvips-darwin-x64
Prebuilt libvips and dependencies for use with sharp on macOS x64
@img/sharp-libvips-darwin-x64
Prebuilt libvips and dependencies for use with sharp on macOS x64.
Licensing
This software contains third-party libraries used under the terms of the following licences:
| Library | Used under the terms of |
|---|---|
| aom | BSD 2-Clause + Alliance for Open Media Patent License 1.0 |
| cairo | Mozilla Public License 2.0 |
| cgif | MIT Licence |
| expat | MIT Licence |
| fontconfig | fontconfig Licence (BSD-like) |
| freetype | freetype Licence (BSD-like) |
| fribidi | LGPLv3 |
| glib | LGPLv3 |
| harfbuzz | MIT Licence |
| highway | Apache-2.0 License, BSD 3-Clause |
| lcms | MIT Licence |
| libarchive | BSD 2-Clause |
| libexif | LGPLv3 |
| libffi | MIT Licence |
| libheif | LGPLv3 |
| libimagequant | BSD 2-Clause |
| libnsgif | MIT Licence |
| libpng | libpng License |
| librsvg | LGPLv3 |
| libspng | BSD 2-Clause, libpng License |
| libtiff | libtiff License (BSD-like) |
| libvips | LGPLv3 |
| libwebp | New BSD License |
| libxml2 | MIT Licence |
| mozjpeg | zlib License, IJG License, BSD-3-Clause |
| pango | LGPLv3 |
| pixman | MIT Licence |
| proxy-libintl | LGPLv3 |
| zlib-ng | zlib Licence |
Use of libraries under the terms of the LGPLv3 is via the "any later version" clause of the LGPLv2 or LGPLv2.1.
Please report any errors or omissions via https://github.com/lovell/sharp-libvips/issues/new
FAQs
Prebuilt libvips and dependencies for use with sharp on macOS x64
The npm package @img/sharp-libvips-darwin-x64 receives a total of 1,039,823 weekly downloads. As such, @img/sharp-libvips-darwin-x64 popularity was classified as popular.
We found that @img/sharp-libvips-darwin-x64 demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 17 Sep 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Malicious fezbox npm Package Steals Browser Passwords from Cookies via Innovative QR Code Steganographic Technique
A malicious package uses a QR code as steganography in an innovative technique.
By Olivia Brown - Sep 22, 2025
Research
/Security News
Identifying and Preventing Fraudulent Engineering Candidates: An Investigation into 80 Confirmed Cases
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.
By Lauren Valencia, Kirill Boychenko - Sep 17, 2025