
Research
/Security News
Compromised npm Packages in the AsyncAPI Namespace Deliver Miasma Botnet Loader
4 compromised asyncapi packages deliver miasma botnet loader on macOS, Linux and Windows.
ffmpeg-static
Advanced tools
Static ffmpeg binaries for macOS, Linux, Windows.
Supports macOS (64-bit and arm64), Linux (32 and 64-bit, armhf, arm64), Windows (32 and 64-bit). The ffmpeg version currently used is 6.1.1.
Note: The version of ffmpeg-static follows SemVer. When releasing new versions, we do not consider breaking changes in ffmpeg itself, but only the JS interface (see below). For example, ffmpeg-static@4.5.0 might download ffmpeg 5.0. To prevent an ffmpeg-static upgrade downloading backwards-incompatible ffmpeg versions, use a strict version range for it or use a lockfile.
Also check out node-ffmpeg-installer!
$ npm install ffmpeg-static
Note: During installation, it will download the appropriate ffmpeg binary from the b6.1.1 GitHub release. Use and distribution of the binary releases of ffmpeg are covered by their respective license.
By default, the ffmpeg binary will get downloaded from https://github.com/eugeneware/ffmpeg-static/releases/download. To customise this, e.g. when using a mirror, set the FFMPEG_BINARIES_URL environment variable.
export FFMPEG_BINARIES_URL=https://cdn.npmmirror.com/binaries/ffmpeg-static
npm install ffmpeg-static
Because ffmpeg-static will download a binary specific to the OS/platform, you need to purge node_modules before (re-)packaging your app for a different OS/platform (read more in #35).
Returns the path of a statically linked ffmpeg binary on the local filesystem.
const pathToFfmpeg = require('ffmpeg-static')
console.log(pathToFfmpeg)
// /Users/j/playground/node_modules/ffmpeg-static/ffmpeg
Check the example script for a more thorough example.
The binaries downloaded by ffmpeg-static are from these locations:
This npm package includes statically linked binaries that are produced by the following individuals. Please consider supporting and donating to them who have been providing quality binary builds for many years:
The fluent-ffmpeg package provides a fluent API for working with FFmpeg. It allows you to chain commands and options in a more readable and maintainable way compared to using raw command-line strings. It also handles the installation of FFmpeg for you.
The ffmpeg package is a simple wrapper around the FFmpeg command-line tool. It allows you to execute FFmpeg commands from within your Node.js application. Unlike ffmpeg-static, it does not provide a static binary, so you need to have FFmpeg installed on your system.
The ffmpeg-binaries package provides precompiled FFmpeg binaries for various platforms. It is similar to ffmpeg-static in that it provides a static binary, but it may not be as frequently updated or as widely used.
FAQs
ffmpeg binaries for macOS, Linux and Windows
The npm package ffmpeg-static receives a total of 1,007,894 weekly downloads. As such, ffmpeg-static popularity was classified as popular.
We found that ffmpeg-static demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Research
/Security News
4 compromised asyncapi packages deliver miasma botnet loader on macOS, Linux and Windows.

Research
/Security News
A compromised jscrambler npm release added a malicious preinstall hook that runs hidden native binaries on Linux, macOS, and Windows.

Research
/Security News
A malicious .NET package is typosquatting the Braintree SDK to steal live payment card data, merchant API keys, and host secrets from production apps.