Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
This module contains an implementation of Markowitz algorithm for the portfolio optimization, a routine for retrieving historical prices from Yahoo, statistical information for stocks and a routine for calculating implied volatility using Black and Scholes formula.
See examples directory.
For a frontend, see node-conpa.
To install with npm:
npm install finance
Tested with Node.js 14.x, R 3.4.3 and Rserve 1.7.3.
It retrieves the key statistics for the stocks and returns an array of objects to create an uneditable form on front-end side.
Params
Callback response
It retrieves the strike values for calls and puts from Yahoo! Finance.
Params
Callback response
optionChain
Arguments
arr is the string containing the comma separated value content.
options
It calculates the weighted performance for a matrix.
Arguments
Returns a vector containing the weighted perfomance of the matrix.
It creates an optimal portfolio. If config is defined, the method call a Rserve instance, otherwise a native implementation is used.
Params
Callback response
perf performances vector.
message error message, if empty the optimization is fine.
optim details of quadprog response.
Config
It retrieves the source code of the R script calculating the optimal portfolio.
Params See portfolio.getOptimalPortfolio.
Callback response
It retrieves the prices from Yahoo! finance.
Arguments
Callback response
error calback error.
symbol asset symbol.
prices
It retrieves the prices from Yahoo! finance and calculates the log returns of the close prices.
Arguments
Callback response
returns
It retrieves the risk free rate from Yahoo! Finance.
Callback response
It calculates the implied volatility for an option using Black and Scholes formula.
Arguments
Callback response
option
FAQs
Module for portfolio optimization, prices and options
The npm package finance receives a total of 0 weekly downloads. As such, finance popularity was classified as not popular.
We found that finance demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.