Research
Security News
Kill Switch Hidden in npm Packages Typosquatting Chalk and Chokidar
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
JavaScript library providing high performance, intuitive, and easy to use data structures for manipulating and processing structured data.
Danfo.js is a javascript package that provides fast, flexible, and expressive data structures designed to make working with "relational" or "labeled" data both easy and intuitive. It is heavily inspired by Pandas library, and provides a similar API. This means that users familiar with Pandas, can easily pick up danfo.js.
NaN
) in floating point as well as non-floating point dataSeries
, DataFrame
, etc. automatically
align the data for you in computationsThere are three ways to install and use Danfo.js in your application
npm install danfojs-node
or
yarn add danfojs-node
For client-side applications built with frameworks like React, Vue, Next.js, etc, you can install the danfojs version:
npm install danfojs
or
yarn add danfojs
For use directly in HTML files, you can add the latest script tag from JsDelivr to your HTML file:
<script src="https://cdn.jsdelivr.net/npm/danfojs@1.1.2/lib/bundle.js"></script>
See all available versions here
Run in Code Sandbox
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<script src="https://cdn.jsdelivr.net/npm/danfojs@1.1.2/lib/bundle.js"></script>
<title>Document</title>
</head>
<body>
<div id="div1"></div>
<div id="div2"></div>
<div id="div3"></div>
<script>
dfd.readCSV("https://raw.githubusercontent.com/plotly/datasets/master/finance-charts-apple.csv")
.then(df => {
df['AAPL.Open'].plot("div1").box() //makes a box plot
df.plot("div2").table() //display csv as table
new_df = df.setIndex({ column: "Date", drop: true }); //resets the index to Date column
new_df.head().print() //
new_df.plot("div3").line({
config: {
columns: ["AAPL.Open", "AAPL.High"]
}
}) //makes a timeseries plot
}).catch(err => {
console.log(err);
})
</script>
</body>
</html>
Output in Browser:
const dfd = require("danfojs-node")
const file_url = "https://web.stanford.edu/class/archive/cs/cs109/cs109.1166/stuff/titanic.csv"
dfd.readCSV(file_url)
.then(df => {
//prints the first five columns
df.head().print()
// Calculate descriptive statistics for all numerical columns
df.describe().print()
//prints the shape of the data
console.log(df.shape);
//prints all column names
console.log(df.columns);
// //prints the inferred dtypes of each column
df.ctypes.print()
//selecting a column by subsetting
df['Name'].print()
//drop columns by names
cols_2_remove = ['Age', 'Pclass']
df_drop = df.drop({ columns: cols_2_remove, axis: 1 })
df_drop.print()
//select columns by dtypes
let str_cols = df_drop.selectDtypes(["string"])
let num_cols = df_drop.selectDtypes(["int32", "float32"])
str_cols.print()
num_cols.print()
//add new column to Dataframe
let new_vals = df['Fare'].round(1)
df_drop.addColumn("fare_round", new_vals, { inplace: true })
df_drop.print()
df_drop['fare_round'].round(2).print(5)
//prints the number of occurence each value in the column
df_drop['Survived'].valueCounts().print()
//print the last ten elementa of a DataFrame
df_drop.tail(10).print()
//prints the number of missing values in a DataFrame
df_drop.isNa().sum().print()
}).catch(err => {
console.log(err);
})
Output in Node Console:
The official documentation can be found here
We recently published a book titled "Building Data Driven Applications with Danfo.js". Read more about it here
Development discussions take place here.
All contributions, bug reports, bug fixes, documentation improvements, enhancements, and ideas are welcome. A detailed overview on how to contribute can be found in the contributing guide.
FAQs
JavaScript library providing high performance, intuitive, and easy to use data structures for manipulating and processing structured data.
We found that danfojs demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
Product
Socket now supports uv.lock files to ensure consistent, secure dependency resolution for Python projects and enhance supply chain security.