Research
2025 Report: Destructive Malware in Open Source Packages
Destructive malware is rising across open source registries, using delays and kill switches to wipe code, break builds, and disrupt CI/CD.
By Kush Pandya - Dec 24, 2025
buffer-writer
Advanced tools
buffer-writer
Fast & efficient buffer writer used to keep memory usage low by internally recycling a single large buffer.
Used as the binary protocol writer in node-postgres
Since postgres requires big endian encoding, this only writes big endian numbers for now, but can & probably will easily be extended to write little endian as well.
I'll admit this has a few postgres specific things I might need to take out in the future, such as addHeader
api
var writer = new (require('buffer-writer')());
writer.addInt32(num)
Writes a 4-byte big endian binary encoded number to the end of the buffer.
writer.addInt16(num)
Writes a 2-byte big endian binary encoded number to the end of the buffer.
writer.addCString(string)
Writes a string to the buffer utf8 encoded and adds a null character (\0) at the end.
var buffer = writer.addHeader(char)
Writes the 5 byte PostgreSQL required header to the beginning of the buffer. (1 byte for character, 1 BE Int32 for length of the buffer)
var buffer = writer.join()
Collects all data in the writer and joins it into a single, new buffer.
var buffer = writer.flush(char)
Writes the 5 byte postgres required message header, collects all data in the writer and joins it into a single, new buffer, and then resets the writer.
thoughts
This is kind of node-postgres specific. If you're interested in using this for a more general purpose thing, lemme know. I would love to work with you on getting this more reusable for your needs.
license
MIT
Other packages similar to buffer-writer
smart-buffer
Smart-buffer is an npm package that provides similar functionality to buffer-writer. It allows for reading and writing to Buffers in Node.js with automatic resizing. It has a more fluent API and additional features like inserting data at arbitrary positions and supports chaining of method calls.
buffer-builder
Buffer-builder is another npm package that offers functionality to write various types of data to a buffer. It is similar to buffer-writer but has a different API design and may have different performance characteristics.
bl
The 'bl' (Buffer List) package is a Node.js module that provides a storage mechanism for collections of Node Buffers. While it is not a direct alternative to buffer-writer, it can be used in conjunction with it to manage a list of buffers efficiently.
FAQs
a fast, efficient buffer writer
The npm package buffer-writer receives a total of 821,811 weekly downloads. As such, buffer-writer popularity was classified as popular.
We found that buffer-writer demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 07 Nov 2018
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Engineering with AI Podcast: The Promise of AI-First Development
Socket CTO Ahmad Nassri shares practical AI coding techniques, tools, and team workflows, plus what still feels noisy and why shipping remains human-led.
By Sarah Gooding - Dec 24, 2025
Research
/Security News
Spearphishing Campaign Abuses npm Registry to Target U.S. and Allied Manufacturing and Healthcare Organizations
A five-month operation turned 27 npm packages into durable hosting for browser-run lures that mimic document-sharing portals and Microsoft sign-in, targeting 25 organizations across manufacturing, industrial automation, plastics, and healthcare for credential theft.
By Nicholas Anderson, Kirill Boychenko - Dec 23, 2025