Research
Security News
Kill Switch Hidden in npm Packages Typosquatting Chalk and Chokidar
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
@smithy/eventstream-serde-universal
Advanced tools
[![NPM version](https://img.shields.io/npm/v/@smithy/eventstream-serde-universal/latest.svg)](https://www.npmjs.com/package/@smithy/eventstream-serde-universal) [![NPM downloads](https://img.shields.io/npm/dm/@smithy/eventstream-serde-universal.svg)](http
@smithy/eventstream-serde-universal is a package designed to handle serialization and deserialization of event streams in a universal manner. It is part of the Smithy framework, which is used for building SDKs for AWS services. This package is particularly useful for working with event-driven architectures and streaming data.
Serialization
This feature allows you to serialize an event into a format suitable for transmission over a network. The code sample demonstrates how to create an instance of EventStreamMarshaller and use it to serialize an event object.
const { EventStreamMarshaller } = require('@smithy/eventstream-serde-universal');
const marshaller = new EventStreamMarshaller();
const event = { type: 'event', data: 'example data' };
const serializedEvent = marshaller.serialize(event);
console.log(serializedEvent);
Deserialization
This feature allows you to deserialize a received event stream back into a usable event object. The code sample shows how to create an instance of EventStreamMarshaller and use it to deserialize a binary event stream.
const { EventStreamMarshaller } = require('@smithy/eventstream-serde-universal');
const marshaller = new EventStreamMarshaller();
const serializedEvent = new Uint8Array([/* some binary data */]);
const event = marshaller.deserialize(serializedEvent);
console.log(event);
Event Stream Handling
This feature demonstrates handling a stream of events by serializing and then deserializing them. The code sample shows how to process an array of event objects, serialize them, and then deserialize them back to their original form.
const { EventStreamMarshaller } = require('@smithy/eventstream-serde-universal');
const marshaller = new EventStreamMarshaller();
const eventStream = [
{ type: 'event', data: 'data1' },
{ type: 'event', data: 'data2' }
];
const serializedStream = eventStream.map(event => marshaller.serialize(event));
const deserializedStream = serializedStream.map(event => marshaller.deserialize(event));
console.log(deserializedStream);
The 'event-stream' package is a toolkit for working with streams in Node.js. It provides utilities for creating and manipulating streams, including event streams. Compared to @smithy/eventstream-serde-universal, 'event-stream' is more general-purpose and not specifically designed for AWS SDKs or event serialization/deserialization.
The 'kafka-node' package is a client for Apache Kafka, a distributed event streaming platform. It allows for producing and consuming messages in Kafka. While it provides robust event streaming capabilities, it is specific to Kafka and does not offer the universal serialization/deserialization features of @smithy/eventstream-serde-universal.
The 'rxjs' package is a library for reactive programming using Observables, to make it easier to compose asynchronous or callback-based code. It is highly versatile and can be used for event streams, but it does not provide built-in serialization/deserialization for event streams like @smithy/eventstream-serde-universal.
FAQs
[![NPM version](https://img.shields.io/npm/v/@smithy/eventstream-serde-universal/latest.svg)](https://www.npmjs.com/package/@smithy/eventstream-serde-universal) [![NPM downloads](https://img.shields.io/npm/dm/@smithy/eventstream-serde-universal.svg)](http
We found that @smithy/eventstream-serde-universal demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
Product
Socket now supports uv.lock files to ensure consistent, secure dependency resolution for Python projects and enhance supply chain security.