
Research
Security News
Lazarus Strikes npm Again with New Wave of Malicious Packages
The Socket Research Team has discovered six new malicious npm packages linked to North Korea’s Lazarus Group, designed to steal credentials and deploy backdoors.
@nativescript-community/document-scanner
Advanced tools
A NativeScript plugin to scan documents
A NativeScript plugin to scan documents
![]() | ![]() |
---|---|
iOS Demo | Android Demo |
Run the following command from the root of your project:
ns plugin add @nativescript-community/document-scanner
To use that plugin you need camera permission. Dont forget to ask for it at runtime using something like
import { request } from '@nativescript-community/perms';
await request('camera');
After that:
const documentScanner = new DocumentScanner();
try {
const result: string[] | any[] /* UIImage[] on iOS */ = await documentScanner.startScan();
console.log('scan result', result);
} catch (error) {
console.error(error);
}
You can see the options in the typings.
On ios the result is an array of UIImage
This repository includes Svelte demos. In order to run these execute the following in your shell:
$ git clone https://github.com/@nativescript-community/document-scanner
$ cd document-scanner
$ npm run i
$ npm run setup
$ npm run build
$ cd demo-svelte
$ ns run ios|android
The repo uses submodules. If you did not clone with --recursive
then you need to call
git submodule update --init
The package manager used to install and link dependencies must be pnpm
or yarn
. npm
wont work.
To develop and test:
if you use yarn
then run yarn
if you use pnpm
then run pnpm i
Interactive Menu:
To start the interactive menu, run npm start
(or yarn start
or pnpm start
). This will list all of the commonly used scripts.
npm run build.all
WARNING: it seems yarn build.all
wont always work (not finding binaries in node_modules/.bin
) which is why the doc explicitly uses npm run
npm run demo.[ng|react|svelte|vue].[ios|android]
npm run demo.svelte.ios # Example
Demo setup is a bit special in the sense that if you want to modify/add demos you dont work directly in demo-[ng|react|svelte|vue]
Instead you work in demo-snippets/[ng|react|svelte|vue]
You can start from the install.ts
of each flavor to see how to register new demos
You can update the repo files quite easily
First update the submodules
npm run update
Then commit the changes Then update common files
npm run sync
Then you can run yarn|pnpm
, commit changed files if any
npm run readme
npm run doc
The publishing is completely handled by lerna
(you can add -- --bump major
to force a major release)
Simply run
npm run publish
The repo uses https:// for submodules which means you won't be able to push directly into the submodules.
One easy solution is t modify ~/.gitconfig
and add
[url "ssh://git@github.com/"]
pushInsteadOf = https://github.com/
If you have any questions/issues/comments please feel free to create an issue or start a conversation in the NativeScript Community Discord.
0.0.1 (2023-09-20)
Note: Version bump only for package document-scanner
FAQs
A NativeScript plugin to scan documents
The npm package @nativescript-community/document-scanner receives a total of 1 weekly downloads. As such, @nativescript-community/document-scanner popularity was classified as not popular.
We found that @nativescript-community/document-scanner demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 19 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
The Socket Research Team has discovered six new malicious npm packages linked to North Korea’s Lazarus Group, designed to steal credentials and deploy backdoors.
Security News
Socket CEO Feross Aboukhadijeh discusses the open web, open source security, and how Socket tackles software supply chain attacks on The Pair Program podcast.
Security News
Opengrep continues building momentum with the alpha release of its Playground tool, demonstrating the project's rapid evolution just two months after its initial launch.