Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
builder-util-runtime
Advanced tools
HTTP utilities. Used by [electron-builder](https://github.com/electron-userland/electron-builder).
The builder-util-runtime npm package provides a set of utility functions and classes that are commonly used in the context of building and packaging applications. It includes functionalities for handling HTTP requests, managing file systems, and other utilities that simplify the development process.
HTTP Requests
This feature allows you to make HTTP requests easily. The code sample demonstrates how to use the `httpExecutor` to make a GET request to a specified URL and log the response data.
const { httpExecutor } = require('builder-util-runtime');
async function fetchData(url) {
try {
const response = await httpExecutor.request({
url: url,
method: 'GET'
});
console.log('Data:', response.data);
} catch (error) {
console.error('Error fetching data:', error);
}
}
fetchData('https://api.example.com/data');
File System Utilities
This feature provides utilities for file system operations. The code sample shows how to use the `copyFile` function to copy a file from a source path to a destination path.
const { copyFile } = require('builder-util-runtime');
async function copyExampleFile() {
try {
await copyFile('source.txt', 'destination.txt');
console.log('File copied successfully');
} catch (error) {
console.error('Error copying file:', error);
}
}
copyExampleFile();
UUID Generation
This feature allows you to generate UUIDs. The code sample demonstrates how to generate a version 4 UUID using the `UUID` class.
const { UUID } = require('builder-util-runtime');
function generateUUID() {
const uuid = UUID.v4();
console.log('Generated UUID:', uuid);
}
generateUUID();
Axios is a popular HTTP client for making requests to servers. It provides a simple and easy-to-use API for handling HTTP requests and responses. Compared to builder-util-runtime, axios is more focused on HTTP functionalities and offers more features for handling requests and responses.
fs-extra is a package that extends the native Node.js file system module with additional methods. It provides more powerful and convenient file system operations compared to the basic utilities in builder-util-runtime. It includes methods for copying, moving, and removing files and directories, among others.
The uuid package is a dedicated library for generating UUIDs. It supports multiple versions of UUIDs and is widely used for generating unique identifiers. While builder-util-runtime includes basic UUID generation, the uuid package offers more comprehensive support and options for UUID generation.
HTTP utilities. Used by electron-builder.
FAQs
HTTP utilities. Used by [electron-builder](https://github.com/electron-userland/electron-builder).
The npm package builder-util-runtime receives a total of 498,642 weekly downloads. As such, builder-util-runtime popularity was classified as popular.
We found that builder-util-runtime demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.