Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Npm module for Unicode CLDR JSON data.
Bonus goals
On the package.json
of your i18n library, define its CLDR data dependency.
compatible with.
"peerDependencies": {
"cldr-data": ">=25"
}
On your library, access CLDR JSON data using require("cldr-data")
.
cldr = require("cldr-data");
function Pluralize(locale) {
var plurals = cldr("supplemental/plurals");
var language = extractLanguageFrom(locale);
// Your awesome pluralization logic
pluralForm = doAwesomeStuffWith(
plurals.supplemental["plurals-type-cardinal"][language]
);
return pluralForm;
}
For your convinience, use cldr-data in conjunction with cldr.js. You can find more details switching to the Foo Number Format Library Example or Application Example branches.
By default, the locale coverage installed is core
, which Unicode defines as
the top tier languages and is equivalent to the json.zip
content. There exists two solutions to get the full coverage: either by setting the environmental variable CLDR_COVERAGE
to full
or define the coverage in your package.json
.
In this example we are installing cldr-data
by setting the CLDR_COVERAGE
to full
:
$ CLDR_COVERAGE=full npm install
Define your coverage by setting the property cldr-data-coverage
in your `package.json:
{
...
"cldr-data-coverage": "full",
...
}
MIT © Rafael Xavier de Souza
FAQs
Npm module for Unicode CLDR JSON data
The npm package cldr-data receives a total of 36,764 weekly downloads. As such, cldr-data popularity was classified as popular.
We found that cldr-data demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.