Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Deprecated binary packing utilities for node.js
node now actually contains native code for packing binary buffers so this module is no longer needed. do not use in new code.
see the included COPYING file for licensing.
the core of the module is the set of pack
/unpack
pair functions. The meaning should be clear from the name - for example, packInt32
packs a given javascript number into a 32-bit int inside a 4-byte node.js Buffer, while unpackFloat32
unpacks a 4-byte node.js Buffer containing a native floating point number into a javascript number.
The following types are available for both pack and unpack:
Float32
Float64
Int8
Int16
Int32
UInt8
UInt16
UInt32
Each pack*
function takes a javascript number and outputs a node.js Buffer.
Each unpack*
function takes a node.js Buffer and outputs a javascript number.
Both types of functions take an optional second argument. If this argument is "big"
, the output is put in big endian format. If the argument is "little"
, the output is put in little endian format. If the argument is anything else or non-existent, we default to "little" endian [THIS IS NEW BEHAVIOR IN 0.0.15 - previous version would default to the native encoding.].
FAQs
Minimalist numeric binary packing utilities for node.js
We found that binpack demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.