Security News
PyPI Introduces Digital Attestations to Strengthen Python Package Security
PyPI now supports digital attestations, enhancing security and trust by allowing package maintainers to verify the authenticity of Python packages.
The cfb npm package is a library designed for handling CFB (Compound File Binary) files, also known as Microsoft Compound Document File Format. This format is commonly used in older Microsoft Office documents like .doc, .xls, and .ppt files. The package allows for the creation, manipulation, and extraction of data from these files.
Reading CFB files
This code demonstrates how to read a CFB file from the filesystem. It uses the `read` method of the cfb package to load a file named 'test.xls' and logs the resulting data structure to the console.
const CFB = require('cfb');
const cfb = CFB.read('test.xls', {type: 'file'});
console.log(cfb);
Creating CFB files
This example shows how to create a new CFB file with a file named 'newfile.txt' inside it. It demonstrates creating a new CFB structure, adding a file to it, and then writing the CFB structure to a file named 'output.cfb'.
const CFB = require('cfb');
const cfb = CFB.utils.cfb_new();
CFB.utils.cfb_add(cfb, 'newfile.txt', new Uint8Array([1, 2, 3, 4, 5]));
CFB.write(cfb, 'output.cfb');
Extracting files from CFB containers
This snippet illustrates how to extract a file from a CFB container. It reads a CFB file named 'container.cfb', searches for a file named '/WordDocument' within the container, and logs its content.
const CFB = require('cfb');
const cfb = CFB.read('container.cfb', {type: 'file'});
const fileContent = CFB.find(cfb, '/WordDocument');
console.log(fileContent);
js-xlsx is a comprehensive library for parsing and writing spreadsheets in various formats including XLSX/XLSM/XLSB/XLS/ODS. It offers broader functionality for spreadsheet manipulation compared to cfb, which is focused on the CFB file format.
Pure-JS implementation of MS-CFB: Compound File Binary File Format, a container format used in many Microsoft file types (XLS, DOC, VBA blobs in XLSX and XLSB)
In the browser:
<script src="dist/cfb.min.js" type="text/javascript"></script>
With npm:
$ npm install cfb
The xlscfb.js
file is designed to be embedded in js-xlsx
In node:
var CFB = require('cfb');
For example, to get the Workbook content from an XLS file:
var cfb = CFB.read(filename, {type: 'file'});
var workbook = CFB.find(cfb, 'Workbook');
var data = workbook.content;
It is preferable to install the library globally with npm:
$ npm install -g cfb
The global installation adds a command cfb
which can work with existing files:
cfb file
will extract the contents of the file to the current directory.
It will make the corresponding subdirectories.cfb --list-files file
will show a listing of the contained files.
The format follows the unzip -l
"short format".cfb --repair file
will attempt to repair by reading and re-writing the file.
This fixes some issues with files generated by non-standard tools.TypeScript definitions are maintained in types/index.d.ts
.
The CFB object exposes the following methods and properties:
CFB.parse(blob)
takes a nodejs Buffer or an array of bytes and returns an
parsed representation of the data.
CFB.read(blob, opts)
wraps parse
. opts.type
controls the behavior:
file
: blob
is interpreted as a file name that will be readbase64
: blob
is interpreted as base64 stringbinary
: blob
is interpreted as binary stringblob
is interpreted as nodejs buffer or array of bytesCFB.find(cfb, path)
performs a case-insensitive match for the path (or file
name, if there are no slashes) and returns an entry object or null if not found.
CFB.write(cfb, opts)
generates a file based on the container. opts.type
controls the behavior:
base64
: returns a base64 stringbinary
: returns a binary stringCFB.writeFile(cfb, filename, opts)
creates a file with the specified name.
The utility functions are available in the CFB.utils
object. Functions that
accept a name
argument strictly deal with absolute file names:
.cfb_new(?opts)
creates a new container object..cfb_add(cfb, name, ?content, ?opts)
adds a new file to the cfb
..cfb_del(cfb, name)
deletes the specified file.cfb_mov(cfb, old_name, new_name)
moves the old file to new path and nameThe objects returned by parse
and read
have the following properties:
.FullPaths
is an array of the names of all of the streams (files) and
storages (directories) in the container. The paths are properly prefixed from
the root entry (so the entries are unique)
.FullPathDir
is an object whose keys are entries in .FullPaths
and whose
values are objects with metadata and content (described below)
.FileIndex
is an array of the objects from .FullPathDir
, in the same order
as .FullPaths
.
.raw
contains the raw header and sectors
The entry objects are available from FullPathDir
and FileIndex
elements of
the container object:
interface CFBEntry {
name: string; /** Case-sensitive internal name */
type: number; /** 1 = dir, 2 = file, 5 = root ; see [MS-CFB] 2.6.1 */
content: Buffer | number[] | Uint8Array; /** Raw Content */
ct?: Date; /** Creation Time */
mt?: Date; /** Modification Time */
}
Please consult the attached LICENSE file for details. All rights not explicitly granted by the Apache 2.0 License are reserved by the Original Author.
FAQs
Compound File Binary File Format extractor
The npm package cfb receives a total of 1,708,362 weekly downloads. As such, cfb popularity was classified as popular.
We found that cfb demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
PyPI now supports digital attestations, enhancing security and trust by allowing package maintainers to verify the authenticity of Python packages.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.