Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
A string of four operations of the library, can solve the js digital calculation accuracy of scientific notation and formatting problems, support for thousands of decimal point formatting output operations
(一个字符串四则运算的库, 可以解决js数字计算精度 科学记数法和格式化的问题, 支持千分位小数点格式化输出等操作)
Supported operators (支持的运算符) : + - * / %
npm install a-calc
commonjs
const {calc, fmt} = require("a-calc")
es module
import {calc, fmt} from "a-calc"
browser
<script src="node_modules/a-calc/browser/index.js"></script>
<script>
const {calc, fmt} = a_calc
</script>
calc("0.1 + 0.2") // 0.3
calc`0.1 + 0.2` // 0.3
// 以上方式等价
// 复杂一点的计算
calc("0.1 + 0.2 * 0.3 / 0.4 * (0.5 + 0.6)") // 0.265
Fill and calculate(填充变量并计算)
let a = 0.000001
let b = 888.789
calc("a + b", {a,b}) // 0.000001 + 888.789 = 888.789001
// 操作小数位数
calc("0.1 + 0.2 | =2") // 0.30
calc("0.11111 + 0.11111 | <=4") // 0.2222
calc("0.11 + 0.11 | <=4") // 0.22
calc("0.1 + 0.2 | >= 5") // 0.30000
calc("0.0000001+ 0.0000001 | >= 5") // 0.0000002
// 千分位
calc("10000000 + 100000000 | ,") // 110,000,000
// 同时指定小数位和千分位
calc("10000000 + 100000000 | =10 ,") // 110,000,000.0000000000
calc("0.1 | =2") // 0.10
fmt("0.1 | =2") // 0.10
// calc 具备 fmt 的功能, 但是fmt具备更好的语义
fmt("1000000 | ,") // 1,000,000
待定
If you have any questions, pstlease send email to 718879459@qq.com as soon as possible to give me feedback
(如果遇到了什么问题, 请第一时间向我发送反馈邮件, 718879459@qq.com 对于bug我会第一时间修复他)
FAQs
A very powerful and easy-to-use number precision calculation and formatting library.
The npm package a-calc receives a total of 18,546 weekly downloads. As such, a-calc popularity was classified as popular.
We found that a-calc demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.