Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
@microsoft/bf-lu
Advanced tools
This package is intended for Microsoft use only. It is not designed to be consumed as an independent package.
This package is intended for Microsoft use only. It is not designed to be consumed as an independent package.
@microsoft/bf-lu can be used within a Node.js application as an imported library. Install locally:
npm install @microsoft/bf-lu --save
To parse LU files, you can use the LUISBuilder class, which returns a LUIS class
const Luis = require('@microsoft/bf-lu').V2.Luis
const LUISBuilder = require('@microsoft/bf-lu').V2.LuisBuilder
const luContent = `# Greeting
- hi`;
const luisObject = await LUISBuilder.fromContentAsync(luContent)
// Parsed LUIS object
console.log(JSON.stringify(luisObject, 2, null));
You can use the available validate() function to verify if the parsed LUIS object is valid. This helps catch name conflicts, invalid labelled utterances etc.
const LUISBuilder = require('@microsoft/bf-lu').V2.LuisBuilder
const exception = require('@microsoft/bf-lu').V2.Exception
const luContent = `# Greeting
- hi`;
const luisObject = await LUISBuilder.fromLUAsync(luContent)
luisObject.intents[0].name = "testIntent123456789012345678901234567890123"
luisObject.validate()
You can generate lu content from LUIS instance using parseToLuContent() method. Here's an example code snippet.
const LUISBuilder = require('@microsoft/bf-lu').V2.LuisBuilder
const exception = require('@microsoft/bf-lu').V2.Exception
const luContent = `# Greeting
- hi
$userName:first=
-vishwac`;
const log = false;
const locale = 'en-us';
async function parseContent() {
try {
const luisObject = await LUISBuilder.fromContentAsync(luContent)
luisObject.validate()
const parsedLuisBackToLu = luisObject.parseToLuContent()
} catch (error) {
if (error instanceof exception) {
// do something specific to this exception
} else {
console.log(errObj.text);
}
}
}
parseContent();
You can take advantage of the Microsoft text translation API to automatically machine translate .lu files to one or more than 60+ languages supported by the Microsoft text translation cognitive service.
To translate lu file content, you can simply use the translate() method in the LU class. Here's a code snippet.
const LU = require('@microsoft/bf-lu').V2.LU
const luContent = `# Greeting
- hi
$userName:first=
-vishwac`;
const targetLanguage = 'de';
const subscriptionKey = '<YOUR TEXT TRANSLATION KEY>';
const translateComments = true;
const translateLinkText = true;
const luInstance = new LU(luContent)
await luInstance.translate(subscriptionKey, targetLanguage, translateComments, translateLinkText)
const translatedCode = luInstance.content
FAQs
This package is intended for Microsoft use only. It is not designed to be consumed as an independent package.
The npm package @microsoft/bf-lu receives a total of 810 weekly downloads. As such, @microsoft/bf-lu popularity was classified as not popular.
We found that @microsoft/bf-lu demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 7 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.