Security News
The Risks of Misguided Research in Supply Chain Security
Snyk's use of malicious npm packages for research raises ethical concerns, highlighting risks in public deployment, data exfiltration, and unauthorized testing.
The `duplexer` npm package is a utility for creating a duplex (readable and writable) stream from two separate streams: a writable stream for writing to and a readable stream for reading from. This is particularly useful in scenarios where you need to treat two separate streams as a single duplex stream for piping data through a series of transformations or operations.
Creating a duplex stream from a writable and readable stream
This code demonstrates how to create a duplex stream using `duplexer` by combining a writable stream, which logs data it receives, and a readable stream, which emits a single piece of data. The resulting duplex stream can be used to read data emitted by the readable stream and write data to the writable stream.
const {Writable, Readable} = require('stream');
const duplexer = require('duplexer');
const writable = new Writable({
write(chunk, encoding, callback) {
console.log(`Writing: ${chunk.toString()}`);
callback();
}
});
const readable = new Readable({
read(size) {
this.push('Read data');
this.push(null); // No more data
}
});
const duplex = duplexer(writable, readable);
duplex.on('data', (data) => console.log(`Read from duplex: ${data.toString()}`));
duplex.write('Data to write');
Similar to `duplexer`, `duplexify` allows for the creation of a duplex stream from a writable and a readable stream. However, `duplexify` provides additional features such as being able to set the readable or writable part asynchronously and handling backpressure more effectively.
While `through2` is a thin wrapper around Node.js streams.Transform (making it easier to create transform streams), it shares the concept of manipulating data streams with `duplexer`. Unlike `duplexer`, `through2` is more focused on transforming data rather than combining streams into a duplex stream.
Similar to `duplexer`, `pumpify` combines streams into a single duplex stream. The difference lies in `pumpify`'s ability to combine an arbitrary number of streams into one, effectively piping data through multiple transformations in a more flexible manner than `duplexer`.
Creates a duplex stream
Taken from event-stream
Takes a writable stream and a readable stream and makes them appear as a readable writable stream.
It is assumed that the two streams are connected to each other in some way.
var cp = require('child_process')
, duplex = require('duplexer')
, grep = cp.exec('grep Stream')
duplex(grep.stdin, grep.stdout)
npm install duplexer
npm test
FAQs
Creates a duplex stream
The npm package duplexer receives a total of 10,979,589 weekly downloads. As such, duplexer popularity was classified as popular.
We found that duplexer demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Snyk's use of malicious npm packages for research raises ethical concerns, highlighting risks in public deployment, data exfiltration, and unauthorized testing.
Research
Security News
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.