Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Various algorithms and utilities.
Algorithms from this library are used in Paint Bucket color manipulation library, check out its performance.
🔢 API documentation is available here.
npm install --save-prod algomatic
Checks
isBetween
isEpsClose
isNumeric
Functions
callOrGet
Easing
easeExp
easeLog
easeInQuad
easeOutQuad
easeInOutQuad
easeInCubic
easeOutCubic
easeInOutCubic
easeInQuart
easeOutQuart
easeInOutQuart
easeInQuint
easeOutQuint
easeInOutQuint
Utilities
copyOver
range
swap
asc
desc
binarySearch
Searches the specified array for the specified value using the binary search algorithm. The array must be sorted into ascending order according to the natural ordering of its elements prior to making this call. If it is not sorted, the results are undefined.
Returns the index of the searched value, if it is contained in the array; otherwise, -(insertion point) - 1. The insertion point is defined as the point at which the searched value would be inserted into the array: the index of the first element greater than the searched value, or array length if all elements in the array are less than the specified key. Note that this guarantees that the return value will be ≥ 0 if and only if the searched value is found.
binarySearch([10, 20, 30, 40], 20); // → 1
binarySearch([10, 20, 30, 40], 25); // → -3
sort
Sorts the array in-place using an optional comparator and invokes a callback after a pair of elements was swapped.
sort(
arr, // Mutable array that would be sorted
(i, j) => {
// Called when i and j elements of arr were swapped
// Use this to sort multiple arrays in parallel
},
(a, b) => 0, // Comparator works the same way as in Array.sort
);
sort
uses a non-recursive Quicksort algorithm. In contrast to
Array.sort
, sort
doesn't convert array elements to strings before comparison and uses comparison operators directly. So numeric arrays
are sorted in natural order with sort(arr)
. You can provide an element comparator to change the sorting order.
sort
is order of magnitude faster than Array.sort
on both small and big arrays. The plot below uses a log scale and
shows the dependency of number of operations per second from the input array length.
lerp
Creates a linear interpolator:
const f = lerp(xs, ys);
const y = f(x);
Here xs
is the array of X coordinates of pivot points in ascending order, and ys
is the array of corresponding Y
coordinates of pivot points.
cspline
Creates a cubic spline interpolator for given pivot points:
const f = cspline(xs, ys);
const y = f(x);
More control over spline caching and computation:
// Pre-allocate an array of spline components that can be later reused
// to avoid excessive memory allocations
const splines = new Float32Array(xs.length * 3);
createCSplines(xs, ys, xs.length, splines); // → splines
// or
// const splines = createCSplines(xs, ys, xs.length); // → Float32Array
const y = interpolateCSpline(xs, ys, x, xs.length, splines);
csplineMonot
Creates a monotone cubic interpolator for given pivot points:
const f = csplineMonot(xs, ys);
const y = f(x);
Or using more fine-grained approach:
const y = interpolateCSplineMonot(xs, ys, x, xs.length, createCSplinesMonot(xs, ys, xs.length));
The plot below shows that cspline
interpolation overshoots pivot points while csplineMonot
provides monotonous
results.
Bitwise operations left
,
right
,
and
,
or
and xor
for unsigned integers that exceed 32-bit range:
left(0xAB, 8); // Same as 0xAB << 8
// → 0xAB_00
left(0xAB_CD_EF_AB_CD, 24)
// → 0xAB_CD_EF_AB_CD_00_00_00
right(0xAB_CD, 8); // Same as 0xAB_CD >> 8
// → 0xAB
FAQs
Various algorithms and math utilities.
The npm package algomatic receives a total of 53 weekly downloads. As such, algomatic popularity was classified as not popular.
We found that algomatic demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.