Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
contractions
Advanced tools
Convert English contractions to complete words.
Uses the word list from https://en.wikipedia.org/wiki/Wikipedia:List_of_English_contractions.
npm install contractions
var contractions = require('contractions');
console.log(contractions.expand("I don't know who ya'll are."));
// Outputs: I do not know who you all are.
console.log(contractions.contract("You all will have not seen this."));
// Outputs: Y'all'll'ven't seen this.
You can also use your own list of contractions / strings.
Note: Longer strings take precedent over short strings.
var Contractions = require('contractions').Contractions;
var contractions = new Contractions({
'asap': 'as soon as possible', // only lower case characters should be used in the list
'a.s.a.p.': 'as soon as possible'
});
var text = 'asap';
text = contractions.expand(text);
console.log(text);
// Outputs: as soon as possible
text = contractions.contract(text);
console.log(text);
// Outputs: a.s.a.p.
FAQs
Convert word contractions such as I'm to I am and don't to do not.
The npm package contractions receives a total of 634 weekly downloads. As such, contractions popularity was classified as not popular.
We found that contractions demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.