Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
cld3-asm
is isomorphic javascript binding to google's compact language detector v3 based on WebAssembly cld3 binary. This module aims to provide thin, lightweight interface to cld3 without requiring native modules.
npm install cld3-asm
cld3-asm
relies on wasm binary (or asm.js where wasm is not supported) of cld3, which need to be initialized first.
import { loadModule } from 'cld3-asm';
const cldFactory = await loadModule();
loadModule
loads wasm binary, initialize it, and returns factory function to create instance of cld3 language identifier.
loadModule(binaryEndpoint?: string, environment?: ENVIRONMENT): Promise<CldFactory>
It accepts binaryEndpoint
as optional parameter for mainly browser environment. Unlike node, browser can't access wasm / asm binary directly in filesystem but have to fetch
. Provide endpoints for paths to dist/src/lib/**/*.(wasm|mem)
and it'll be fetched runtime. On node, this endpoint can be used to override physical path to binaries.
Additionally it accepts environment
as well, allow to set running environment and ignores internal runtime detection. This is mostly for Electron's renderer process where node.js and fetch
are available both, to selectively opt-in which way to use. It is important to note loadModule
doesn't interop incorrect option value matching, like try to load correct binary when supply endpoint to file path with set env to browser.
create(minBytes?: number, maxBytes?: number): LanguageIdentifier
LanguageIdentifier
exposes minimal interfaces to cld3's NNetLanguageIdentifier
.
findLanguage(text: string): Readonly<LanguageResult>
: Finds the most likely language for the given text.findMostFrequentLanguages(text: string, numLangs: number): Array<Readonly<LanguageResult>>
: Splits the input text into spans based on the script, predicts a language for each span, and returns a vector storing the top num_langs most frequent languagesdispose(): void
: Destroy current instance of language identifier. It is important to note created instance will not be destroyed automatically.There are simple examples for each environments. In each example directory do npm install && npm start
.
Few npm scripts are supported for build / test code.
build
: Transpiles code to ES5 commonjs to dist
.test
: Run cld
/ cld3-asm
test both. Does not require build
before execute test.test:cld
: Run integration test for actual cld3 wasm binary, using cld's test case.test:cld3-asm
: Run unit test against cld3-asm
interfacelint
: Run lint over all codebaseslint:staged
: Run lint only for staged changes. This'll be executed automatically with precommit hook.commit
: Commit wizard to write commit messageFAQs
WebAssembly based Javascript bindings for google compact language detector 3
The npm package cld3-asm receives a total of 8,281 weekly downloads. As such, cld3-asm popularity was classified as popular.
We found that cld3-asm demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.