Research
Security News
Kill Switch Hidden in npm Packages Typosquatting Chalk and Chokidar
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
@types/accepts
Advanced tools
The @types/accepts npm package provides TypeScript type definitions for the 'accepts' npm package, which is a utility for content negotiation in HTTP requests. It allows developers to use TypeScript to ensure type safety when working with HTTP Accept headers for determining the preferred content types, encodings, charsets, and languages from HTTP requests.
Content Type Negotiation
This feature allows the server to negotiate and determine the most appropriate content type to respond with, based on the client's Accept header. The code sample demonstrates how to use the 'accepts' library to select between 'json' and 'html' formats.
import accepts from 'accepts';
import http from 'http';
http.createServer((req, res) => {
const accept = accepts(req);
const preferredType = accept.type(['json', 'html']);
res.setHeader('Content-Type', preferredType);
res.end(`Content type set to ${preferredType}`);
}).listen(3000);
Encoding Negotiation
This feature enables the server to select the best encoding method for the response based on the client's Accept-Encoding header. The code sample shows how to determine whether to use 'gzip' or 'deflate' encoding.
import accepts from 'accepts';
import http from 'http';
http.createServer((req, res) => {
const accept = accepts(req);
const preferredEncoding = accept.encoding(['gzip', 'deflate']);
res.setHeader('Content-Encoding', preferredEncoding);
res.end(`Content encoding set to ${preferredEncoding}`);
}).listen(3000);
Language Negotiation
This feature helps in determining the preferred language for the response content based on the client's Accept-Language header. The code sample illustrates how to choose between English ('en') and Spanish ('es').
import accepts from 'accepts';
import http from 'http';
http.createServer((req, res) => {
const accept = accepts(req);
const preferredLanguage = accept.language(['en', 'es']);
res.setHeader('Content-Language', preferredLanguage);
res.end(`Content language set to ${preferredLanguage}`);
}).listen(3000);
Negotiator is an HTTP content negotiation library similar to 'accepts' but without the TypeScript type definitions. It provides a more comprehensive API for negotiating media types, languages, charsets, and encodings.
While primarily focused on handling MIME type data, mime-types can be used in conjunction with other libraries to achieve similar functionality to 'accepts' for determining appropriate response types based on MIME types.
npm install --save @types/accepts
This package contains type definitions for accepts (https://github.com/jshttp/accepts).
Files were exported from https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/accepts.
These definitions were written by Stefan Reichel, and Brice BERNARD.
FAQs
TypeScript definitions for accepts
We found that @types/accepts demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
Product
Socket now supports uv.lock files to ensure consistent, secure dependency resolution for Python projects and enhance supply chain security.