Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
caniuse-db
Advanced tools
The caniuse-db npm package provides a database of browser support for various web technologies. It is a programmatic interface to the data available on the Can I use website, which is a popular resource for web developers to check the compatibility of web features across different browsers.
Querying Browser Support Data
This feature allows you to query the database for support information on specific web technologies. In this example, we are checking the support data for CSS Grid.
const caniuse = require('caniuse-db/data.json');
// Example: Check support for CSS Grid
const cssGridSupport = caniuse.data['css-grid'];
console.log(cssGridSupport);
Accessing Browser Versions
This feature provides access to the list of browsers and their versions that are included in the Can I use database. This can be useful for understanding which browsers are being tracked.
const browsers = require('caniuse-db/browsers');
// Example: List all browsers and their versions
console.log(browsers);
Checking Feature Status
This feature allows you to check the status of a specific web technology feature, such as whether it is in development, under consideration, or fully supported.
const statuses = require('caniuse-db/statuses');
// Example: Get the status of a feature
const featureStatus = statuses['css-grid'];
console.log(featureStatus);
Browserslist is a tool that allows you to specify which browsers you want to support in your project by querying a list of browsers. It is often used in conjunction with tools like Autoprefixer and Babel to ensure compatibility with the specified browsers. Unlike caniuse-db, which provides detailed support data for individual web technologies, Browserslist focuses on defining and querying browser support configurations.
The mdn-browser-compat-data package provides compatibility data for Web technologies as displayed on MDN Web Docs. It includes data for HTML, CSS, JavaScript, and other web APIs. This package is similar to caniuse-db in that it provides browser support information, but it is sourced from MDN and may have different coverage and data structure.
This repo contains raw data from the caniuse.com support tables. It serves two purposes:
The ability for anyone interested to update or add to the support data on the site. If you are interested in this, please read the CONTRIBUTING file.
Access to the site's data for other projects. For this use the fulldata-json/data-2.0.json
file which includes all support data. (data.json
is also available for backwards compatibility.)
The data in this repo is available for use under a CC BY 4.0 license (https://creativecommons.org/licenses/by/4.0/). For attribution just mention somewhere that the source is caniuse.com. If you have any questions about using the data for your project please contact me here: https://a.deveria.com/contact
Caniuse.com is created and maintained by Alexis Deveria
https://caniuse.com/
https://a.deveria.com/
FAQs
Raw browser/feature support data from caniuse.com
The npm package caniuse-db receives a total of 483,577 weekly downloads. As such, caniuse-db popularity was classified as popular.
We found that caniuse-db demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.