grapheme-breaker-u10-0
Advanced tools
grapheme-breaker-u10-0 - npm Package Compare versions
Comparing version 0.0.1-security to 0.4.0
| { | ||
| "name": "grapheme-breaker-u10-0", | ||
| "version": "0.0.1-security", | ||
| "description": "security holding package", | ||
| "repository": "npm/security-holder" | ||
| "version": "0.4.0", | ||
| "description": "An implementation of the Unicode grapheme cluster breaking algorithm (UAX #29)", | ||
| "main": "src/GraphemeBreaker", | ||
| "directories": { | ||
| "test": "test" | ||
| }, | ||
| "dependencies": { | ||
| "unicode-trie": "^0.3.1" | ||
| }, | ||
| "devDependencies": { | ||
| "chai": "^4.2.0", | ||
| "coffeescript": "^2.4.1", | ||
| "mocha": "^6.1.4", | ||
| "request": "^2.88.0" | ||
| }, | ||
| "scripts": { | ||
| "test": "mocha ./test/GraphemeBreaker.coffee", | ||
| "build": "coffee -c src/" | ||
| }, | ||
| "repository": { | ||
| "type": "git", | ||
| "url": "git://github.com/yumetodo/grapheme-breaker-u10-0" | ||
| }, | ||
| "keywords": [ | ||
| "unicode", | ||
| "text", | ||
| "break", | ||
| "segment", | ||
| "character", | ||
| "grapheme cluster" | ||
| ], | ||
| "author": "Devon Govett <devongovett@gmail.com>", | ||
| "contributors": [ | ||
| "vaskevich <oleg@osv.im> (https://osv.im)", | ||
| "yumetodo <yume-wikijp@live.jp> (https://yumetodo.hateblo.jp/)" | ||
| ], | ||
| "license": "MIT", | ||
| "bugs": { | ||
| "url": "https://github.com/yumetodo/grapheme-breaker-u10-0/issues" | ||
| }, | ||
| "homepage": "https://github.com/yumetodo/grapheme-breaker-u10-0" | ||
| } |
@@ -1,9 +0,66 @@ | ||
| # Security holding package | ||
| # grapheme-breaker-u10-0 | ||
| This package name is not currently in use, but was formerly occupied | ||
| by another package. To avoid malicious use, npm is hanging on to the | ||
| package name, but loosely, and we'll probably give it to you if you | ||
| want it. | ||
| [](https://travis-ci.org/yumetodo/grapheme-breaker-u10-0) [](https://greenkeeper.io/) | ||
| You may adopt this package by contacting support@npmjs.com and | ||
| requesting the name. | ||
| This is a fork of `grapheme-breaker`. Support Unicode 10.0 and emoji v5 by @vaskevich. | ||
| Please watch below before using this package. | ||
| [grapheme-breaker#4](https://github.com/foliojs/grapheme-breaker/pull/4) | ||
| Original package is no longer maintained as far as I know. So, I republish this package. | ||
| ## Overveiw | ||
| A JavaScript implementation of the Unicode grapheme cluster breaking algorithm ([UAX #29](http://www.unicode.org/reports/tr29/#Grapheme_Cluster_Boundaries)) | ||
| > It is important to recognize that what the user thinks of as a “character”—a basic unit of a writing system for a | ||
| > language—may not be just a single Unicode code point. Instead, that basic unit may be made up of multiple Unicode | ||
| > code points. To avoid ambiguity with the computer use of the term character, this is called a user-perceived character. | ||
| > For example, “G” + acute-accent is a user-perceived character: users think of it as a single character, yet is actually | ||
| > represented by two Unicode code points. These user-perceived characters are approximated by what is called a grapheme cluster, | ||
| > which can be determined programmatically. | ||
| ## Installation | ||
| You can install via npm | ||
| npm install grapheme-breaker-u10-0 | ||
| ## Example | ||
| ```javascript | ||
| var GraphemeBreaker = require('grapheme-breaker-u10-0'); | ||
| // break a string into an array of grapheme clusters | ||
| GraphemeBreaker.break('Z͑ͫ̓ͪ̂ͫ̽͏̴̙̤̞͉͚̯̞̠͍A̴̵̜̰͔ͫ͗͢L̠ͨͧͩ͘G̴̻͈͍͔̹̑͗̎̅͛́Ǫ̵̹̻̝̳͂̌̌͘!͖̬̰̙̗̿̋ͥͥ̂ͣ̐́́͜͞') // => ['Z͑ͫ̓ͪ̂ͫ̽͏̴̙̤̞͉͚̯̞̠͍', 'A̴̵̜̰͔ͫ͗͢', 'L̠ͨͧͩ͘', 'G̴̻͈͍͔̹̑͗̎̅͛́', 'Ǫ̵̹̻̝̳͂̌̌͘', '!͖̬̰̙̗̿̋ͥͥ̂ͣ̐́́͜͞'] | ||
| // or just count the number of grapheme clusters in a string | ||
| GraphemeBreaker.countBreaks('Z͑ͫ̓ͪ̂ͫ̽͏̴̙̤̞͉͚̯̞̠͍A̴̵̜̰͔ͫ͗͢L̠ͨͧͩ͘G̴̻͈͍͔̹̑͗̎̅͛́Ǫ̵̹̻̝̳͂̌̌͘!͖̬̰̙̗̿̋ͥͥ̂ͣ̐́́͜͞') // => 6 | ||
| // use nextBreak and previousBreak to get break points starting | ||
| // from anywhere in the string | ||
| GraphemeBreaker.nextBreak('😜🇺🇸👍', 3) // => 6 | ||
| GraphemeBreaker.previousBreak('😜🇺🇸👍', 3) // => 2 | ||
| ``` | ||
| ## Development Notes | ||
| In order to use the library, you shouldn't need to know this, but if you're interested in | ||
| contributing or fixing bugs, these things might be of interest. | ||
| * The `src/classes.coffee` file is automatically generated from `GraphemeBreakProperty.txt` in the Unicode | ||
| database by `src/generate_data.coffee`. It should be rare that you need to run this, but | ||
| you may if, for instance, you want to change the Unicode version. | ||
| * You can run the tests using `npm test`. They are written using `mocha`, and generated from | ||
| `GraphemeBreakTest.txt` and `emoji-test.txt` from the Unicode database, which is included in the | ||
| repository for performance reasons while running them. | ||
| ## License | ||
| MIT |
New alerts
Deprecated
MaintenanceThe maintainer of the package marked it as deprecated. This could indicate that a single version should not be used, or that the package is no longer maintained and any new vulnerabilities will not be fixed.
Found 1 instance in 1 package
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Fixed alerts
Known malware
Supply chain riskThis package is malware. We have asked the package registry to remove it.
Found 1 instance in 1 package
Empty package
Supply chain riskPackage does not contain any code. It may be removed, is name squatting, or the result of a faulty package publish.
Found 1 instance in 1 package
No contributors or author data
MaintenancePackage does not specify a list of contributors or an author in package.json.
Found 1 instance in 1 package
No bug tracker
MaintenancePackage does not have a linked bug tracker in package.json.
Found 1 instance in 1 package
No License Found
License(Experimental) License information could not be found.
Found 1 instance in 1 package
No repository
Supply chain riskPackage does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.
Found 1 instance in 1 package
No website
QualityPackage does not have a website.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by4963.49%
24406
- Number of package files
- increased by250%
7
- Number of low license alerts
- decreased by-100%
0
- Lines of code
- increased byInfinity%
282
- Number of low maintenance alerts
- decreased by-66.67%
1
- Number of low quality alerts
- decreased by-50%
1
- Number of lines in readme file
- increased by570%
67
- Number of critical supply chain risk alerts
- decreased by-100%
0
Worsened metrics
- Dependency count
- increased byInfinity%
1
- Dev dependency count
- increased byInfinity%
4
- Number of medium maintenance alerts
- increased byInfinity%
1
- Number of medium supply chain risk alerts
- increased by100%
2
Dependency changes
+ Addedunicode-trie@^0.3.1
+ Addedpako@0.2.9(transitive)
+ Addedtiny-inflate@1.0.3(transitive)
+ Addedunicode-trie@0.3.1(transitive)