Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Do not use this Javascript utility library
This is basically my collection of functions that i often use in projects. They can probably be found in other libraries (like Lodash), but i might not want to use those libraries (because they're big) or because it's overkill.
Because this is a bit of a grabbag of things you probably shouldn't be using this library. Hence the name.
Using npm
:
$ npm install --save donot
Using yarn
:
$ yarn add donot
donot
is a UMD library and thus can be used as a CommonJS module for Node.js, AMD (with Require.js) or as a plain old Javacript global.
Here are all the functions:
$(selector: string): HTMLElement
A shortcut for document.querySelector
.
$("body").style.background = 'red';`
$$(selector: string): HTMLElement
A shortcut for document.querySelectorAll
. Converts the elements in an array.
$$("p").forEach((p) => p.style.color = 'red');
combinations(list: array, opts?:object): array
Create a list of all unique combinations, where a,b === b,a. By default, equals like 'a,a' are allowed, if you don't want that, pass { allowEquals : false }
as a second argument.
const options = combinations([1, 2]);
console.log(options); // [ [ 1, 1 ], [ 1, 2 ], [ 2, 2 ] ]
const options = combinations([1, 2], { allowEquals : false });
console.log(options); // [ [ 1, 2 ] ]
degToRad(deg: number): number
Converts from degrees to radians.
console.log(degToRad(180)); // 3.141592....
getJson(url: string): Promise
Uses fetch
to do a HTTP call and return JSON.
const data = await getJson('http://www.example.com/data.json');
matrix(cols: number, rows: number): arrray
Creates a multidimensional array.
const grid = matrix([1,2,3], [4,5,6]);
console.log(grid[0][1]); // 4
noop(): function
Returns an empty function.
range(max: number): number
range(min: number, max: number): number
Creates a filled array with number from min
(or 0 if that is not given) to, but not including max
.
console.log(range(3)); // [ 0, 1, 2 ]
console.log(range(2, 5)); // [ 2, 3, 4 ]
randInt(max: number) : number
randInt(min: number, max: number)
Returns a random integer between min
(or 0 if that is not given) and max
.
sample(list: array): any
Returns a random element from an array.
shuffle(list: array): array
Returns a shuffled (randomized) copy of list
.
sum(list: array): number
Returns the sum of all numbers in list
.
console.log(sum([1,2,3,4])); // 10
timeout(ms: number): Promise
Returns a promisified version of window.setTimeout
(browser) or setTimeout
) (Node) with a time of ms
miliseconds.
console.log("Let's wait 2 seconds");
await timeout(2000);
console.log("That was 2 seconds");
MIT © Hay Kranen
FAQs
Do not use this utility library
The npm package donot receives a total of 1 weekly downloads. As such, donot popularity was classified as not popular.
We found that donot demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.