Research
PyPI Package Disguised as Instagram Growth Tool Harvests User Credentials
A deceptive PyPI package posing as an Instagram growth tool collects user credentials and sends them to third-party bot services.
By Kush Pandya - Jun 06, 2025
🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more →
code-point-at
Advanced tools
What is code-point-at?
The 'code-point-at' npm package provides functionality to retrieve a Unicode code point from a string at a given position. This is particularly useful for handling Unicode characters that are represented by two JavaScript characters (surrogate pairs).
What are code-point-at's main functionalities?
Get code point at specific position
This feature allows you to retrieve the Unicode code point of a character at a specified position in a string. It is especially useful for strings containing characters that may be represented by surrogate pairs in JavaScript.
const codePointAt = require('code-point-at');
let str = '𠮷野家';
let codePoint = codePointAt(str, 0);
console.log(codePoint); // 134071Other packages similar to code-point-at
string.prototype.codepointat
This package is a polyfill for the String.prototype.codePointAt() method defined in ECMAScript 2015 (ES6). It offers similar functionality to 'code-point-at' by allowing retrieval of the code point of a character at a given position in a string. The main difference is that 'string.prototype.codepointat' extends the String prototype, making it available as a method on any string instance, whereas 'code-point-at' is used by requiring the module and calling it as a function.
punycode
Punycode.js is a robust Punycode converter that fully complies with RFC 3492 and RFC 5891, and works in nearly all JavaScript environments. This package includes functionality to handle Unicode code points, which can be seen as similar in handling specific Unicode operations like 'code-point-at'. However, Punycode.js is more focused on encoding and decoding between Unicode and ASCII characters, particularly for internationalized domain names (IDNs), making it broader in scope compared to the specific functionality of 'code-point-at'.
code-point-at 
ES2015
String#codePointAt()ponyfill
Ponyfill: A polyfill that doesn't overwrite the native method
Install
$ npm install --save code-point-at
Usage
var codePointAt = require('code-point-at');
codePointAt('🐴');
//=> 128052
codePointAt('abc', 2);
//=> 99
API
codePointAt(input, [position])
License
MIT © Sindre Sorhus
FAQs
ES2015 `String#codePointAt()` ponyfill
The npm package code-point-at receives a total of 8,539,410 weekly downloads. As such, code-point-at popularity was classified as popular.
We found that code-point-at demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 16 Jul 2015
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Socket Now Supports pylock.toml Files
Socket now supports pylock.toml, enabling secure, reproducible Python builds with advanced scanning and full alignment with PEP 751's new standard.
By Trevor Norris - Jun 05, 2025
Security News
Research
Destructive npm Packages Disguised as Utilities Enable Remote System Wipe
Socket uncovered two npm packages that register hidden HTTP endpoints to delete all files on command.
By Kush Pandya - Jun 05, 2025