Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Formerly part of es5-ext project.
$ npm install duration
Can be bundled for browser with help of modules-webmake
var Duration = require("duration");
var duration = new Duration(new Date(2000, 6, 7), new Date(2010, 8, 13, 3, 23, 8, 456));
console.log("Years: ", duration.years);
console.log("Months: ", duration.months);
console.log("Days: ", duration.days);
console.log("Hours: ", duration.hours);
console.log("Minutes: ", duration.minutes);
console.log("Seconds: ", duration.seconds);
console.log("Milliseconds: ", duration.milliseconds);
console.log("Trailing months: ", duration.month);
console.log("Trailing days: ", duration.day);
console.log("Trailing hours: ", duration.hour);
console.log("Trailing minutes: ", duration.minute);
console.log("Trailing seconds: ", duration.second);
console.log("Trailing milliseconds: ", duration.millisecond);
console.log("Default string representation: ", duration.toString());
console.log("Alternative string representation: ", duration.toString(1));
console.log("Custom string representation: ", duration.toString("H: %Hs m: %M"));
Output:
Years: 10
Months: 122
Days: 3720
Hours: 89283
Minutes: 5357003
Seconds: 321420188
Milliseconds: 321420188456
Trailing months: 2
Trailing days: 6
Trailing hours: 3
Trailing minutes: 23
Trailing seconds: 8
Trailing milliseconds: 456
Default string representation: 10y 2m 6d 03:23:08.456
Alternative string representation: 10y 2m 6d 3h 23m 8s 456ms
Custom string representation: H: 89283 m: 23
Main module is both constructor and factory method, and can be used either way.
from
and to
are expected to be JavaScript Date objects. to
is optional, and if not provided it defaults to current time.
Returns full years of the duration
Returns full months of the duration
Returns full days of the duration
Returns full hours of the duration
Returns full seconds of the duration
Returns full minutes of the duration
Returns milliseconds of the duration
Same as years
. Returns full years of the duration
Returns trailing months of the duration
Returns trailing days of the duration
Returns trailing hours of the duration
Returns trailing minutes of the duration
Returns trailing seconds of the duration
Returns trailing seconds of the duration
Same as milliseconds
. Returns milliseconds of the duration
Returns readable representation of the duration.
When invoked without arguments (defaults to mode=0), returns as:
10y 2m 6d 03:23:08.456
When invoked with mode 1
, returns alternative representation:
10y 2m 6d 3h 23m 8s 456ms
Representation returned by default modes can be customized with threshold setting that trims lowest units:
duration.toString(); // 10y 2m 6d 03:23:08.456
duration.toString(0, 1); // 10y 2m 6d 03:23:08
duration.toString(0, 2); // 10y 2m 6d 03:23
duration.toString(1); // 10y 2m 6d 3h 23m 8s 456ms
duration.toString(1, 1); // 10y 2m 6d 3h 23m 8s
duration.toString(1, 2); // 10y 2m 6d 3h 23m
When invoked with string, formats the duration according to given pattern, where:
%y
- duration.year
%m
- duration.month
%d
- duration.day
%H
- duration.hour
%M
- duration.minute
%S
- duration.second
%L
- duration.millisecond
%ms
- duration.months
%ds
- duration.days
%Hs
- duration.hours
%Ms
- duration.minutes
%Ss
- duration.seconds
%Ls
- duration.milliseconds
%sign
- If duration is negative outputs -
otherwise empty string$ npm test
FAQs
Time duration utilities
The npm package duration receives a total of 1,503,492 weekly downloads. As such, duration popularity was classified as popular.
We found that duration demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.