Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
appcd-util
Advanced tools
Common utility functions.
Visit https://github.com/appcelerator/appc-daemon for more information.
Report issues to GitHub issues. Official issue tracker in JIRA.
npm i appcd-util
import { arch } from 'appcd-util';
console.log(arch()); // 'x86' or 'x64'
import { arrayify } from 'appcd-util';
console.log(arrayify('foo')); // [ 'foo' ]
console.log(arrayify([ 'a', '', null, 'b' ], true)); // [ 'a', 'b' ]
import { assertNodeEngineVersion } from 'appcd-util';
// throw an exception if current node version doesn't satisfy the `engines.node` version
assertNodeEngineVersion(require('package.json'));
import { cache } from 'appcd-util';
const now = () => Date.now();
const first = await cache('my namespace', now);
const second = await cache('my namespace', now);
assert(first === second);
const third = await cache('my namespace', true, now);
assert(first !== third && second !== third);
import { cacheSync } from 'appcd-util';
const now = () => Date.now();
const first = cacheSync('my namespace', now);
const second = cacheSync('my namespace', now);
assert(first === second);
const third = cacheSync('my namespace', true, now);
assert(first !== third && second !== third);
Debouncer that returns a promise and that can be cancelled.
import { debounce } from 'appcd-util';
const fn = debounce(() => {
console.log(new Date());
});
// schedule the callback to be called in 200ms
fn().then(() => {
console.log('Function called');
});
// cancel the debounce
fn.cancel();
import { formatNumber } from 'appcd-util';
console.log(formatNumber(12)); // 12
console.log(formatNumber(123)); // 123
console.log(formatNumber(1234)); // 1,234
console.log(formatNumber(12345)); // 12,345
console.log(formatNumber(123456)); // 123,456
console.log(formatNumber(1234567)); // 1,234,567
import { get } from 'appcd-util';
const obj = {
foo: 'bar'
};
console.log(get(obj, 'foo')); // 'bar'
console.log(get(obj, 'baz', 'pow')); // 'pow'
Get all open sockets, [net] servers, timers, child processes, filesystem watchers, and other handles.
import { getActiveHandles } from 'appcd-util';
console.log(getActiveHandles());
import { inherits } from 'appcd-util';
class A {}
class B extends A {}
class C {}
console.log(inherits(B, A)); // true
console.log(inherits(B, C)); // false
import { mergeDeep } from 'appcd-util';
const obj1 = {
a: {
b: 'c'
}
};
const obj2 = {
a: {
d: 'e'
}
};
console.log(mergeDeep(obj1, obj2)); // { a: { b: 'c', d: 'e' } }
import { mutex } from 'appcd-util';
const fn = () => {
return mutex('my mutex', () => {
console.log('foo!');
});
};
await Promise.all([ fn(), fn(), fn() ]);
import { randomBytes } from 'appcd-util';
console.log(randomBytes(20));
import { sha1 } from 'appcd-util';
console.log(sha1('foo'));
import { sleep } from 'appcd-util';
await sleep(1000); // sleep for 1 second
Block multiple simultaneous callers until the first caller finishes, then all queued up 'tailgaters' are resolved with the result.
import { tailgate } from 'appcd-util';
const fn = () => {
return tailgate('my tailgate', async () => {
console.log('I will only be called once');
});
};
await Promise.all([ fn(), fn(), fn() ]);
import { unique } from 'appcd-util';
console.log(unique([ 'a', 'b', 'a', 'b' ])); // [ 'a', 'b' ]
This project is open source under the Apache Public License v2 and is developed by
Axway, Inc and the community. Please read the LICENSE
file included
in this distribution for more information.
FAQs
Various utility functions to support the Appc Daemon.
We found that appcd-util demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.