
Research
Security News
Lazarus Strikes npm Again with New Wave of Malicious Packages
The Socket Research Team has discovered six new malicious npm packages linked to North Korea’s Lazarus Group, designed to steal credentials and deploy backdoors.
It's a play on the latin phrase Reductio ad absurdum
In logic, reductio ad absurdum (Latin for "reduction to absurdity"; or argumentum ad absurdum, "argument to absurdity") is a form of argument which attempts either to disprove a statement by showing it inevitably leads to a ridiculous, absurd, or impractical conclusion, or to prove one by showing that if it were not true, the result would be absurd or impossible.
It is often said that of the big trio Map, Filter, and Reduce, that reduce is by far the most flexible. In fact, it's trivial to implement both map and filter using reduce.
This library exists to take that concept to an absurd extreme by experimenting with leveraging reduce to produce as many different types functional transforms as possible.
Who cares, it's fun. It's good practice. It's a challenging approach to practice transforming data in a purely function manner. At some point, Javscript will include the pipeline operator and these may actually become useful. If you're up for the challenge give it a try.
Before I introduce the steps to begin, let's set some ground rules. You can implement an operator for anything you'd like but there are a few constraints.
This library is designed to make contributing as easy and simple as possible.
Start by suggesting a new Operator or Type.
Development is done following the Feature Branch Workflow:
npm run start
, so webpack can watch for changesFAQs
Reductio Ad Absurdum - The Ridiculous Application of Reduce
The npm package absurdum receives a total of 7 weekly downloads. As such, absurdum popularity was classified as not popular.
We found that absurdum demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
The Socket Research Team has discovered six new malicious npm packages linked to North Korea’s Lazarus Group, designed to steal credentials and deploy backdoors.
Security News
Socket CEO Feross Aboukhadijeh discusses the open web, open source security, and how Socket tackles software supply chain attacks on The Pair Program podcast.
Security News
Opengrep continues building momentum with the alpha release of its Playground tool, demonstrating the project's rapid evolution just two months after its initial launch.