Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
array-changes-async
Advanced tools
This is an async port of array-changes, to allow for an equal
and similar
functions that accept a callback. This allows your equal
and similar
functions to be asynchronous.
array-changes
A library for finding differences between two arrays.
The library was extracted from unexpected and is therefore not documented and tested properly :-S
(Edit: This async version of the library actually has some more tests, not many, but some :)
var arrayChangesAsync = require('array-changes-async');
var leftArray = [ 1, 2, 4 ]
var rightArray = [ 1, 2, 3, 4 ]
function equal(a, b, aIndex, bIndex, callback) {
// a is the value from the leftArray, aIndex is the index of that item
// b is the value from the rightArray, bIndex is the index of the item
// Call the callback function with `true` if a and b are considered equal
callback(a === b);
}
arrayChangesAsync(leftArray, rightArray, equal, null /* see below */, function (result) {
// result == [
// {
// type: 'equal', value: 1
// },
// {
// type: 'equal', value: 2
// },
// {
// type: 'insert', value: 3
// },
// {
// type: 'equal', value: 4
// }
// ]
});
The fourth parameter allows to define 'similar' items, which has the same signature as the equal
function, and
allows to define what is considered similar, ie. 'changed', rather than deleted, and the expected value inserted.
The callbacks receive the aIndex
and bIndex
parameters, to allow for memoization, as some items will be tested
for equality more than once. This is obviously more useful if you have an async equal
function that could be
expensive.
FAQs
Array diffing
We found that array-changes-async demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.