Research
Recent Trends in Malicious Packages Targeting Discord
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
comma-separated-tokens
Advanced tools
Readme
Parse and stringify comma-separated tokens.
This is a tiny package that can parse and stringify comma-separated tokens, as
used for example in the HTML accept
attribute, according to the
WHATWG spec.
This package is rather niche, it’s low-level and particularly useful when working with hast.
This package is ESM only. In Node.js (version 14.14+, 16.0+), install with npm:
npm install comma-separated-tokens
In Deno with esm.sh
:
import {parse, stringify} from 'https://esm.sh/comma-separated-tokens@2'
In browsers with esm.sh
:
<script type="module">
import {parse, stringify} from 'https://esm.sh/comma-separated-tokens@2?bundle'
</script>
import {parse, stringify} from 'comma-separated-tokens'
parse(' a ,b,,d d ') //=> ['a', 'b', '', 'd d']
stringify(['a', 'b', '', 'd d']) //=> 'a, b, , d d'
This package exports the identifier parse
and stringify
.
There is no default export.
parse(value)
Parse commma-separated tokens (string
) to an array of strings
(Array<string>
), according to the WHATWG spec.
stringify(values[, options])
Serialize an array of strings or numbers (Array<string|number>
) to
comma-separated tokens (string
).
Handles empty items at start or end correctly.
👉 Note: it’s not possible to specify initial or final whitespace per value.
options
Configuration (optional).
options.padLeft
Whether to pad a space before a token (boolean
, default: true
).
options.padRight
Whether to pad a space after a token (boolean
, default: false
).
This package is fully typed with TypeScript.
It exports the additional type Options
.
This package is at least compatible with all maintained versions of Node.js. As of now, that is Node.js 14.14+ and 16.0+. It also works in Deno and modern browsers.
space-separated-tokens
— parse/stringify space-separated tokenscollapse-white-space
— replace multiple white-space characters with a single spaceproperty-information
— info on HTML propertiesYes please! See How to Contribute to Open Source.
This package is safe.
FAQs
Parse and stringify comma-separated tokens
The npm package comma-separated-tokens receives a total of 5,458,570 weekly downloads. As such, comma-separated-tokens popularity was classified as popular.
We found that comma-separated-tokens demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
Security News
Socket CEO Feross Aboukhadijeh joins a16z partners to discuss how modern, sophisticated supply chain attacks require AI-driven defenses and explore the challenges and solutions in leveraging AI for threat detection early in the development life cycle.
Security News
NIST's new AI Risk Management Framework aims to enhance the security and reliability of generative AI systems and address the unique challenges of malicious AI exploits.