Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
apg-lite
is a light-weight parser of ABNF grammars.
It is a parser only.
It relies on apg-js, version 4.3.0 or higher, with the new --lite
option
to generate ESM grammar objects.
apg-lite
features:
apg-js
can parse any arbitrary array of positive integers.apg-js
.
./ast-app/
)../trace-app/
)../trace-app/
).apg-lite
is fully contained in a single JavaScript file.
./lib/parser.js
contains ECMAScript Modules (ESM) which can be import
-ed into your application../lib/web-parser.js
can be scripted into your web page application with no bundling necessary.A number of example application are included here to demonstrate the use of apg-lite
in both
Node.js and web page applications. Each example application is in its own directory.
The documentation for each is in the file documentation.md
.
Most (but not all) examples will be presented as both Node.js and web page applications.
./basic-app/
- A simple parser demonstrating the most basic construction and use of a parser../ast-app/
- Use of the AST - how to construct the AST and translate or semantically manipulate the phrases captured by the AST nodes.
Demonstrates generating an XML version of the AST../udt-app/
- Use of a UDT, a handwritten code snippet to recognize a somewhat complicated phrase../lookahead-app/
- Demonstration of the look ahead operators../trace-app/
- How to debug and profile the parse tree.
./cool-app/
- A simple demonstration of parsing a string with UTF+32 (in this case emoticon) characters../uri-app/
- This example builds a light-weight, but robust and well-tested URI parser.The Node.js applications can all be run from the package.json
scripts.
Use npm run
to see the script names of the demonstrations.
The UriParser
object in the ./uri-app/
application is of special interest.
It is a fully-contained (no dependencies) URI parser.
It is well-tested in the Jest unit tests in the __tests__
directory.
See ./uri-app/documentation.md
for complete documentation.
See ./uri-app/node-app.js
for a sample Node.js application
and ./uri-app/web.html
for sample web page application.
FAQs
lightweight JavaScript APG parser
We found that apg-lite demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.