Research
Security News
Kill Switch Hidden in npm Packages Typosquatting Chalk and Chokidar
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
ffmpeg-extract-frames
Advanced tools
Extracts frames from a video using fluent-ffmpeg.
npm install --save ffmpeg-extract-frames
# or
yarn add ffmpeg-extract-frames
const extractFrames = require('ffmpeg-extract-frames')
// extract 3 frames at 1s, 2s, and 3.5s respectively
await extractFrames({
input: 'media/1.mp4',
output: './screenshot-%i.jpg',
offsets: [
1000,
2000,
3500
]
})
// filePattern = './screenshot-%i.jpg'
// generated screenshots:
// `./screenshot-1.jpg
// `./screenshot-2.jpg
// `./screenshot-3.jpg
Extracts one or more frames from a video file. Returns a Promise
for the full path pattern of the output screenshots.
There are several options for specifying which frames to extract, namely timestamps
, offsets
, fps
, and numFrames
. The default behavior if you don't specify any of these options is to extract all frames from the input.
Type: String
Required
Path or URL to a video file.
Type: String
Required
Output file pattern.
Note that for timestamps
or offsets
, the pattern should include a %i
or %s
(details).
For any other call, you should use the %d
format specifier. I know this is confusing, but it's how fluent-ffmpeg works under the hood.
Type: Array<Number>
Array of seek offset to take the screenshot from in milliseconds.
Type: Array<Number|String>
Same as fluent-ffmpeg's screenshots.timestamps.
Type: Number
Frames per second to output.
Type: Number
Output a specific number of frames. The input video's frames will be skipped such that only this number of frames are output.
Type: Function
Default: noop
Optional function to log the underlying ffmpeg command (like console.log
).
MIT © Travis Fischer
FAQs
Extracts frames from a video.
The npm package ffmpeg-extract-frames receives a total of 7,202 weekly downloads. As such, ffmpeg-extract-frames popularity was classified as popular.
We found that ffmpeg-extract-frames demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
Product
Socket now supports uv.lock files to ensure consistent, secure dependency resolution for Python projects and enhance supply chain security.