Research
Security News
Kill Switch Hidden in npm Packages Typosquatting Chalk and Chokidar
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
dicomweb-client
Advanced tools
JavaScript client implementation of DICOMweb.
For further details please refer to PS3.18 of the DICOM standard.
This is work-in-progress and should not be used in clinical practice. Use at your own risk.
The main motivations for this project is:
Install the dicomweb-client package using the npm
package manager:
npm install dicomweb-client
Build and test code locally:
git clone https://github.com/dcmjs-org/dicomweb-client ~/dicomweb-client
cd ~/dicomweb-client
npm install
npm run build
npm test
<script type="text/javascript" src="https://unpkg.com/dicomweb-client"></script>
const url = 'http://localhost:8080/dicomweb';
const client = new DICOMwebClient.api.DICOMwebClient({url});
client.searchForStudies().then(studies => {
console.log(studies)
});
The API can be configured with a number of custom configuration options to control the requests. These are:
bulkdata,image,video
to request as single part responsesXMLHttpRequest
can be passed to storeInstances
as a property of the options
parameter. When present, instead of creating a new XMLHttpRequest
instance, the passed instance is used instead. One use of this would be to track the progress of a DICOM store and/or cancel it.An example use of XMLHttpRequest
being passed into the store is shown in the js snippet below
as an example of where the upload's percentage progress is output to the console.
const url = 'http://localhost:8080/dicomweb';
const client = new DICOMwebClient.api.DICOMwebClient({url});
// an ArrayBuffer of the DICOM object/file
const dataSet = ... ;
// A custom HTTP request
const request = new XMLHttpRequest();
// A callback that outputs the percentage complete to the console.
const progressCallback = evt => {
if (!evt.lengthComputable) {
// Progress computation is not possible.
return;
}
const percentComplete = Math.round((100 * evt.loaded) / evt.total);
console.log("storeInstances is " + percentComplete + "%");
};
// Add the progress callback as a listener to the request upload object.
request.upload.addEventListener('progress', progressCallback);
const storeInstancesOptions = {
dataSets,
request,
}
client.storeInstances(storeInstancesOptions).then( () => console.log("storeInstances completed successfully.") );
Use semantic
commit messages to generate releases and change log entries: Semantic Release: How does it work?. Github actions are used to trigger building and uploading new npm packages.
Please cite the following article when using the client for scientific studies: Herrmann et al. J Path Inform. 2018:
@article{jpathinform-2018-9-37,
Author={
Herrmann, M. D. and Clunie, D. A. and Fedorov A. and Doyle, S. W. and Pieper, S. and
Klepeis, V. and Le, L. P. and Mutter, G. L. and Milstone, D. S. and Schultz, T. J. and
Kikinis, R. and Kotecha, G. K. and Hwang, D. H. and Andriole, K, P. and Iafrate, A. J. and
Brink, J. A. and Boland, G. W. and Dreyer, K. J. and Michalski, M. and
Golden, J. A. and Louis, D. N. and Lennerz, J. K.
},
Title={Implementing the {DICOM} standard for digital pathology},
Journal={Journal of Pathology Informatics},
Year={2018},
Number={1},
Volume={9},
Number={37}
}
The developers gratefully acknowledge their reseach support:
FAQs
Implementation of DICOMweb client code
The npm package dicomweb-client receives a total of 7,318 weekly downloads. As such, dicomweb-client popularity was classified as popular.
We found that dicomweb-client demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 9 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
Product
Socket now supports uv.lock files to ensure consistent, secure dependency resolution for Python projects and enhance supply chain security.