Security News
Supply Chain Attack Detected in Solana's web3.js Library
A supply chain attack has been detected in versions 1.95.6 and 1.95.7 of the popular @solana/web3.js library.
autocosts
Advanced tools
This calculator allows users to find the true cost of owning a car. It will normally give them a good estimate of what they really need to spend on car ownership. As car payments and expenses come due throughout the year, it's often difficult to really get a good understanding of total spending on a car. This calculator also provides to the user, optionally, the car's full Financial Effort considering the user's income, further providing also optionally the equivalent public transport costs (bus, train, UBER, etc.), considering the user doesn't own a car.
This calculator is and shall always be completely anonymous, as it doesn't request nor permanently store, any name, email, cookies, IP address nor any other personal information. Since it uses NodeJS and NPM it works and it is tested for either Ubuntu related OS or Windows related OS.
https://autocosts.info
Playground: https://autocosts.info/XX
The translations are in corresponding json
files, namely in the folder src/countries/
.
The list of available countries is from the file src/countries/list.json
https://autocosts.info/domains
Install it and run it
npm i autocosts
Follow then the instructions to run the HTTP server.
Autocosts uses nodejs
, expressjs
and handlebars
to supply a server application that renders a car costs calculator as a webpage loaded by any common browser.
The project is optimized for a web-based version, and for an APP developped in Apache Cordova. The 2 last letters on the URI stands for the 2-letter ISO country code, and not for the language, since for example United Kingdom and Australia have the same language but different realities concerning the taxes, the terms applied to automobile costs and the units for fuel efficiency. The translations/language files apply therefore only to the selected country.
The project already considers all the units and fuel efficiency cases, different in many countries. The variations for fuel efficiency are l/100km
, km/l
, mpg(US)
, mpg(imp)
and for distance are km
, miles
and mil
(Nordic mile=10km). More information can be found in the directory src/countries/
.
For more information regarding how the costs are calculated, you can check the src/client/core/coreFunctions.js
which is based on the 12 items that form the car costs for any given country. Namely they are:
Autocosts supports the following additional services, which can be enabled or disabled (default),
using the node bin/index.js
command line options:
Usage: node index.js [options]
Ex: node index.js -r prod --uber --dataBase
Options:
-r, --release 'work' for tests or 'prod' for production
-p, --port HTTP port on which the application is listening (default:3027 for tests, and 3028 for production)
--https Enables protocol https when available
--print Enables the standard printing of final report
--pdf Enables the downloading of a pdf final report (using pdfmake)
--social Enables social media plugin (js-socials)
--disableCharts Disables Charts on final report
External API services, disabled by default
API credentials must be in either credentials/work/ or credentials/prod/ according to release
--cdn Enables Content Delivery Network
--uber Enables UBER API
--googleCaptcha Enables Google Captcha V2 anti-bot for calculation button
--googleAnalytics Enables Google Analytics
--dataBase Enables a mysql Database
Autocosts also supports code such that the user inputs might be stored into a mysql
database.
The credentials file for said databse should be stored in directory credentials/prod/
or credentials/work/
,
the latter being the test version.
This file dataBase.json
should look like:
{
"host" : "*****",
"user" : "*****",
"password" : "*****",
"database" : "*****",
"port" : "***** (optional)",
"db_tables" : {
"country_specs" : "country_specs" ,
"users_insertions" : "users_insertions",
"monthly_costs_statistics" : "monthly_costs_statistics"
}
}
With the data from said database, it is also possible to make several statisitcal analysis, namely the average costs for each country, said statistical analysis having outlier removal techniques, such that such outliers do not distort the average.
Autocosts uses the UBER API, such that at the final repport, the user calculations can be compared with the equivalents costs if the user would use just UBER.
The uber secret token file uber.json
should be stored in credentials/prods/
or credentials/work/
,
the latter being the test version. This file uber.json
should be like:
{
"token": "********************************************"
}
Autocosts uses <a href=http://www.chartjs.org/>chartjs.org as it is free, open source and can be used offline.
You can add your Google Analytics credentials.
The file googleAnalytics.json
should be stored in credentials/prods/
or credentials/work/
,
the latter being the test version. This file googleAnalytics.json
should be like:
{
"trackingId": "UA-*******-*"
}
Autocosts support the Google Captcha v2 API to avoid spam bots from poluting the database.
The captcha secret key file googleCaptcha.json
should be stored in credentials/prods/
or credentials/work/
,
the latter being the test version.
This file googleCaptcha.json
should be like:
{
"secretKey" : "*************************************"
}
Autocosts also allows the final report to be printed into a PDF report. It makes use of pdfmake
npm package.
The Android APP can be found in Play Store. It uses Apache Cordova to convert JavaScript built code into APP built files (for example APK files in Android)
GNU GPLv3
http://www.gnu.org/licenses/gpl-3.0.en.html
http://choosealicense.com/licenses/gpl-3.0/
FAQs
Automobile Costs Calculator
The npm package autocosts receives a total of 10 weekly downloads. As such, autocosts popularity was classified as not popular.
We found that autocosts demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
A supply chain attack has been detected in versions 1.95.6 and 1.95.7 of the popular @solana/web3.js library.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.