Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
@ts-graphviz/adapter
Advanced tools
Graphviz Runtime adapters for Cross Platform
It is part of the ts-graphviz library, which is split into modular packages to improve maintainability, flexibility, and ease of use.
Provides an interface to run Graphviz dot commands.
Graphviz must be installed so that the dot command can be executed.
Execute the dot command to output a DOT language string to a stream or file.
This module provides the following functions.
toStream
function converts DOT to Stream.
import { toStream } from '@ts-graphviz/adapter';
const dot = `
digraph example {
node1 [
label = "My Node",
]
}
`;
const stream = await toStream(dot, { format: 'svg' });
// Node.js
stream.pipe(process.stdout);
// Deno
await stream.pipeTo(Deno.stdout.writable);
toFile
function
import { toFile } from '@ts-graphviz/adapter';
const dot = `
digraph example {
node1 [
label = "My Node",
]
}
`;
await toFile(dot, './result.svg', { format: 'svg' });
Note Designed to work with Node.js and Deno, Stream is runtime native.
For more examples and usage details, please refer to the ts-graphviz documentation.
Contributions to the ts-graphviz project are welcome.
Please refer to the main ts-graphviz repository for guidelines on how to contribute.
This package is released under the MIT License.
FAQs
Graphviz Runtime adapters for Cross Platform
The npm package @ts-graphviz/adapter receives a total of 258,696 weekly downloads. As such, @ts-graphviz/adapter popularity was classified as popular.
We found that @ts-graphviz/adapter demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.