Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
#fsu (fs unique) Unique filenames with streams support
Checking if a file exists before opening is an anti-pattern that leaves you vulnerable to race conditions: another process can remove the file between the calls to fs.exists() and fs.open(). This functions doesn't use fs.exists functionality. If file doesn't exist this will work like usual fs module methods
##Instalation
npm install fsu
Same as fs.open but open for writing and creates unique filename.
var fsu = require('fsu');
fsu.openUnique("text{_###}.txt", function(err, fd) {
//now we can use file descriptor as usual
});
Same as fs.writeFile but creates unique filename.
var fsu = require('fsu');
fsu.writeFileUnique("text{_###}.txt", "test", function(err) {
console.log("Done");
});
Same as fs.createReadStream but returns writable stream for unique file.
var fsu = require('fsu');
var stream = fsu.createUniqueWriteStream("text{_###}.txt");
You must use {#}
pattern in filename and path. All #
characters will be change with counter for existing files. Number of #
means padding for unique counter
If we run second example several times filenames will be
text.txt
text_001.txt
text_002.txt
License: MIT
FAQs
Unique file name with streams support
The npm package fsu receives a total of 583,456 weekly downloads. As such, fsu popularity was classified as popular.
We found that fsu demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.