Security News
The Hidden Blast Radius of the Axios Compromise
The Axios compromise shows how time-dependent dependency resolution makes exposure harder to detect and contain.
By Ahmad Nassri - Apr 01, 2026
New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details → →
csv-sort
Sort double-entry bookkeeping CSV from internet banking
Install
This package is pure ESM. If you're not ready yet, install an older version of this program, 5.1.0 (npm i csv-sort@5.1.0).
npm i csv-sort
Quick Take
import { strict as assert } from "assert";
import { sort } from "csv-sort";
// Sorts double-entry bookkeeping CSV's - bank statements for example
// see https://en.wikipedia.org/wiki/Double-entry_bookkeeping
assert.deepEqual(
sort(`Acc Number,Description,Debit Amount,Credit Amount,Balance,
123456,Client #1 payment,,1000,1940
123456,Bought carpet,30,,950
123456,Bought table,10,,940
123456,Bought pens,10,,1000
123456,Bought chairs,20,,980
`),
{
res: [
["Acc Number", "Description", "Debit Amount", "Credit Amount", "Balance"],
["123456", "Client #1 payment", "", "1000", "1940"],
["123456", "Bought table", "10", "", "940"],
["123456", "Bought carpet", "30", "", "950"],
["123456", "Bought chairs", "20", "", "980"],
["123456", "Bought pens", "10", "", "1000"],
],
msgContent: null,
msgType: null,
},
);
// you'll have to join elements and lines from the array yourself
Documentation
Please visit codsen.com for a full description of the API.
Contributing
To report bugs or request features or assistance, raise an issue on GitHub.
Licence
MIT License
Copyright © 2010-2025 Roy Revelt and other contributors
List of currency signs - Copyright © 2017 Ben Gourley - see its BSD-2-Clause disclaimer
FAQs
Sort double-entry bookkeeping CSV from internet banking
The npm package csv-sort receives a total of 15 weekly downloads. As such, csv-sort popularity was classified as not popular.
We found that csv-sort demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 15 Jan 2026
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Supply Chain Attack on Axios Pulls Malicious Dependency from npm
A supply chain attack on Axios introduced a malicious dependency, plain-crypto-js@4.2.1, published minutes earlier and absent from the project’s GitHub releases.
By Socket Research Team - Mar 31, 2026
Research
TeamPCP Compromises Telnyx Python SDK to Deliver Credential-Stealing Malware
Malicious versions of the Telnyx Python SDK on PyPI delivered credential-stealing malware via a multi-stage supply chain attack.
By Socket Research Team - Mar 27, 2026