Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
buffer-queue
Advanced tools
A fast buffer store, for queueing up buffer chunks to later drain as a full buffer for streams. Faster than Buffer.concat
on every chunk.
npm install buffer-queue
Example of a transform stream that only writes downstream 1MB at a time, storing up buffers in the buffer store.
var Transform = require("stream").Transform;
var util = require("util");
var Store = require("buffer-queue");
/**
* Transform stream that limits writes to 1MB at a time
*/
function ThrottleStream (limit) {
this.limit = limit || 1024 * 1024;
this.store = new Store();
Transform.call(this);
}
util.inherits(ThrottleStream, Transform);
ThrottleStream.prototype._transform = function (chunk, enc, callback) {
this.store.push(chunk);
var data;
// While we have more in our store than the limit, then push
// out a chunk
while (this.store.length() > this.limit && data = this.store.shift(this.limit)) {
this.push(data);
}
callback();
};
ThrottleStream.prototype._flush = function (callback) {
var data;
while (data = this.store.shift(this.limit)) {
this.push(data);
}
callback();
};
BufferStore()
Constructor for a buffer store.
store.push(buffer)
Pushes a buffer to the store.
store.shift(n)
Returns the first n
bytes of the entire buffer store and removes from the store.
store.empty()
Empties the entire internal buffer store.
store.length()
Returns the length of the internal buffer store in bytes.
store.drain()
Empties and returns the internal buffer store. Use store.empty()
if you are not interested in the return value.
npm test
MIT License, Copyright (c) 2015 Jordan Santell
FAQs
fast buffer storage
We found that buffer-queue demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.