Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@juit/qrcode
Advanced tools
First of all, kudos are due to Alexey Ten who wrote the original
qr-image
package. Without his incredible work this project would not exist.
This package simply generate QR codes, using modern web standards like
CompressionStream
s,
Promise
s (with async
/await
) and has zero dependencies on NodeJS or other
frameworks (therefore making it suitable for inclusion in runtimes like
Cloudflare Workers).
QRCode
objectTo generate a QR code simply use the generate(...)
async function:
import { generate } from `@juit/qrcode`
const image = await generate('https://www.juit.com/', 'png')
// `image` here is a Uint8Array containing the PDF data
message
: a string
or Uint8Array
containing the data to be included in
the generated QR codeformat
: the format of the QR code to generate, that is:
png
: a PNG image (as a Uint8Array
)pdf
: a PDF document (as a Uint8Array
- uses compression)svg
: a SVG image (as a string
)pngData
: the data URL (as a string
) of a PNG imagepdfData
: the data URL (as a string
) of a PDF documentsvgData
: the data URL (as a string
) of a SVG imageoptions
: an optional object containing encoding optionsecLevel
: the error correction level for the QR code
(default: M
)
L
: approximately 7% of error correction capabilityM
: approximately 15% of error correction capabilityQ
: approximately 25% of error correction capabilityH
: approximately 30% of error correction capabilityurl
: whether to optimize URLs in QR codes or not
(default: false
)scale
: the number of pixels used for each dot in the matrix
(default: 1
for PNG/SVG and 9
for PDF)margin
: the size of the margin around the QR code in matrix modules
(default: 4
as per the QR code specification - the quiet area)If final bundle sizes are important for you, we also offer individual APIs for each format we generate. The bundler's own tree shaking algorithm should be able to then remove all irrelevant code.
The main functions are:
generatePngQrCode(message, options?)
: Promise<Uint8Array>
)generatePdfQrCode(message, options?)
: Promise<Uint8Array>
)generateSvgQrCode(message, options?)
: string
)To generate data URLs on the other hand:
generatePngDataQrCode(message, options?)
: Promise<string>
)generatePdfDataQrCode(message, options?)
: Promise<string>
)generateSvgDataQrCode(message, options?)
: string
)The message and options consumed by these functions are the same ones described in the main api.
The low-level API splits the generation of a QR code from its rendering as an image.
generateQrCode(message, options?)
: QRCode
object from the given messagegeneratePng(qrcode, options?)
: QRCode
as a PNG image
(as a Promise<Uint8Array>
)generatePdf(qrcode, options?)
: QRCode
as a PDF document
(as a Promise<Uint8Array>
)generateSvg(qrcode, options?)
: QRCode
as a SVG image
(as a string
)You can combine those APIs to (for example) generate a single QR code for a message, and then render it in multiple formats.
The message and options consumed by these functions are the same ones described in the main api.
QRCode
objectThe object returned by generateQrCode(...)
contains the following properties:
version
: the version of the QR code (1...40)ecLevel
: the error correction level for the QR code (L
, M
, Q
or H
)size
: The size (in pixels, or QR code blokcs) of the QR codematrix
: The QR code matrix (where true
is black, false
is white)The generateSvgPath(qrcode)
function generate a SVG path for a QR code.
The returned SVG path will be a simple conversion of the QR code's own
matrix
into a square path of N "pixels" (where N is the size of
the QR code's size
of the matrix).
This can be scaled and positioned into a final SVG using the scale(...)
and
translate(...)
basic SVG transformations.
This is also particulary useful with PDFKit's own implementation of SVG paths.
We can use it together with translate(...)
and scale(...)
to draw our QR
code anywhere on the page, in any size. For example, to prepare a simple A4
document with a 10cm QR code smack in the middle we can:
// generate the QR code _structure_ for our message
const code = generateQrCode('https://www.juit.com/')
// generate the SVG path for our QR code
const path = generateSvgPath(code)
// calculate how to translate and scale our QR code in the page
const dpcm = 72 / 2.54 // PDFKit uses 72dpi (inches) we want metric!
const size = 10 * dpcm // 10 cm (size of our QR code) in dots
const scale = size / code.size // scale factor for our QR code to be 10 cm
const x = ((21 - 10) / 2) * dpcm // center horizontally
const y = ((29.7 - 10) / 2) * dpcm // center vertically
// create a new A4 document, and stream it to "test.pdf"
const document = new PDFDocument({ size: 'A4' })
const stream = createWriteStream('test.pdf')
document.pipe(stream)
// draw our 10cm QR code right in the middle of the page
document
.translate(x, y) // move to x = 5.5cm, y = 9.85cm
.scale(scale) // scale our QR code to 10cm width and height
.path(path) // draw our QR code smack in the middle of the page
.fill('black') // fill our QR code in black
.end() // finish up and close the document
// wait for the stream to finish
stream.on('finish', () => {
// your PDF file is ready!
})
FAQs
A modern QR code generator for JavaScript
We found that @juit/qrcode demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.