Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
@sec-ant/readable-stream
Advanced tools
A tiny, zero-dependency yet spec-compliant asynchronous iterator polyfill/ponyfill for ReadableStreams.
A tiny, zero-dependency yet spec-compliant asynchronous iterator polyfill/ponyfill for ReadableStream
s.
ReadableStream
With this package, you can consume a ReadableStream
as an AsyncIterable
.
AsyncIterable
or an Iterable
into a ReadableStream
With this package, you can construct a ReadableStream
from an AsyncIterable
or an Iterable
.
This package passes all the aforementioned tests.
npm i @sec-ant/readable-stream
This package can be imported as a ponyfill to avoid side effects:
asyncIterator
Path:
@sec-ant/readable-stream/ponyfill/asyncIterator
Example:
import {
asyncIterator,
type ReadableStreamIteratorOptions,
} from "@sec-ant/readable-stream/ponyfill/asyncIterator";
const readableStream = (await fetch("https://www.example.org/")).body;
let total = 0;
for await (const chunk of asyncIterator(readableStream)) {
total += chunk.length;
}
console.log(total);
Check https://streams.spec.whatwg.org/#rs-class-definition and https://streams.spec.whatwg.org/#rs-asynciterator for further explanation on ReadableStreamIteratorOptions
.
fromAnyIterable
Path:
@sec-ant/readable-stream/ponyfill/fromAnyIterable
Example:
import { fromAnyIterable } from "@sec-ant/readable-stream/ponyfill/fromAnyIterable";
const readableStream = fromAnyIterable(["a", "b"]);
Path:
@sec-ant/readable-stream/ponyfill
Example:
import {
fromAnyIterable,
asyncIterator,
type ReadableStreamIteratorOptions,
} from "@sec-ant/readable-stream/ponyfill";
This package can be imported as a drop-in polyfill with side effects.
ReadableStream.prototype[Symbol.asyncIterator]
and ReadableStream.prototype.values
Path:
@sec-ant/readable-stream/polyfill/asyncIterator
Example:
import "@sec-ant/readable-stream/polyfill/asyncIterator";
const readableStream = (await fetch("https://www.example.org/")).body;
let total = 0;
for await (const chunk of readableStream) {
total += chunk.length;
}
console.log(total);
ReadableStream.from
Path:
@sec-ant/readable-stream/polyfill/fromAnyIterable
Example:
import "@sec-ant/readable-stream/polyfill/fromAnyIterable";
const readableStream = ReadableStream.from(["a", "b"]);
Note that ReadableStream.from
is not typed because declared vars cannot be overridden.
Path:
@sec-ant/readable-stream/polyfill
Example:
import "@sec-ant/readable-stream/polyfill";
asyncIterator
Path:
@sec-ant/readable-stream/asyncIterator
Example:
import {
asyncIterator,
type ReadableStreamIteratorOptions,
} from "@sec-ant/readable-stream/asyncIterator";
// also with side effects
fromAnyIterable
Path:
@sec-ant/readable-stream/fromAnyIterable
Example:
import { fromAnyIterable } from "@sec-ant/readable-stream/fromAnyIterable";
// also with side effects
Path:
@sec-ant/readable-stream
Example:
import {
fromAnyIterable,
asyncIterator,
type ReadableStreamIteratorOptions,
} from "@sec-ant/readable-stream";
// also with side effects
You can also use this package to augment the ReadableStream
type for async iteration if the runtime already supports it but the type system does not.
Path:
@sec-ant/readable-stream/async-iterator
Example:
/// <reference types="@sec-ant/readable-stream/async-iterator" />
MIT
0.6.0
FAQs
A tiny, zero-dependency yet spec-compliant asynchronous iterator polyfill/ponyfill for ReadableStreams.
The npm package @sec-ant/readable-stream receives a total of 1,478,682 weekly downloads. As such, @sec-ant/readable-stream popularity was classified as popular.
We found that @sec-ant/readable-stream demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.