Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
bufferstreams
Advanced tools
Abstract streams to deal with the whole buffered contents.
bufferstreams
abstracts streams to allow you to deal with their whole content
in a single buffer when it becomes necessary (by example: a legacy library that
do not support streams).
It is not a good practice (dealing with the whole stream content means you need
to keep the whole stream content in memory which is probably not what you intent
by using streams), just some glue. Using bufferstreams
means:
bufferstreams
can also be used to control the whole stream content in a single
point of a streaming pipeline for testing purposes.
## Usage
Install the npm module:
npm install bufferstreams --save
Then, in your scripts:
import fs from 'fs';
import { BufferStream } from 'bufferstreams';
fs.createReadStream('input.txt')
.pipe(
new BufferStream((err, buf, cb) => {
// err will be filled with an error if the piped in stream emits one.
if (err) {
throw err;
}
// buf will contain the whole piped in stream contents
buf = Buffer.from(buf.toString('utf-8').replace('foo', 'bar'));
// cb is a callback to pass the result back to the piped out stream
// first argument is an error that will be emitted if any
// the second argument is the modified buffer
cb(null, buf);
}),
)
.pipe(fs.createWriteStream('output.txt'));
Note that you can use bufferstreams
with the objectMode option. In this case,
the given buffer will be an array containing the streamed objects:
new BufferStreams(myCallback, { objectMode: true });
bufferstreams
exposes a utility function for functional programming:
import { streamBuffer } from 'bufferstreams';
process.stdin.pipe(streamBuffer(myCallback)).pipe(process.stdout);
Finally bufferstreams
exposes another function for objects mode buffering:
import { bufferObjects } from 'bufferstreams';
process.stdin.pipe(bufferObjects(myCallback)).pipe(process.stdout);
Feel free to contribute with your code if you agree with publishing it under the MIT license.
Buffer the stream content and bring it into the provided callback
Utility function if you prefer a functional way of using this lib
Utility function to buffer objet mode streams
Buffer the stream content and bring it into the provided callback
Param | Type | Description |
---|---|---|
bufferCallback | function | A function to handle the buffered content. |
options | Object | inherits of Stream.Duplex, the options are passed to the parent constructor so you can use it's options too. |
options.objectMode | boolean | Use if piped in streams are in object mode. In this case, an array of the buffered will be transmitted to the callback function. |
Utility function if you prefer a functional way of using this lib
Kind: global function
Returns: Stream
Param |
---|
bufferCallback |
options |
Utility function to buffer objet mode streams
Kind: global function
Returns: Stream
Param |
---|
bufferCallback |
options |
FAQs
Abstract streams to deal with the whole buffered contents.
The npm package bufferstreams receives a total of 358,439 weekly downloads. As such, bufferstreams popularity was classified as popular.
We found that bufferstreams demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.