New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
homoglyph - npm Package Compare versions
Comparing version 1.0.2 to 1.1.0
12
dict.js
@@ -105,8 +105,8 @@ 'use strict' | ||
| for (let entry of homographs) { | ||
| entry = entry.split('') | ||
| const ascii = entry.splice(0, 1)[0] | ||
| for (let char of entry) { | ||
| reverse.set(char, ascii) | ||
| } | ||
| dict.set(ascii, entry) | ||
| entry = Array.from(entry) | ||
| const ascii = entry.splice(0, 1)[0] | ||
| for (let char of entry) { | ||
| reverse.set(char, ascii) | ||
| } | ||
| dict.set(ascii, entry) | ||
| } | ||
@@ -113,0 +113,0 @@ |
23
index.js
@@ -12,6 +12,6 @@ 'use strict' | ||
| probability: 33, | ||
| only: null | ||
| chars: '' | ||
| }, opts) | ||
| return replace(text, dict, () => Math.random() < (opts.probability / 100)) | ||
| return replace(text, dict, () => Math.random() < (opts.probability / 100), opts) | ||
| } | ||
@@ -23,3 +23,3 @@ | ||
| function replace (text, dict, condition) { | ||
| function replace (text, dict, condition, options) { | ||
| const original = text | ||
@@ -29,11 +29,14 @@ let pos = 0 | ||
| for (let char of original) { | ||
| const replacement = dict.get(char) | ||
| const isInArray = (options.chars.length && options.chars.includes(char)) | ||
| if (isInArray || !options.chars.length) { | ||
| const replacement = dict.get(char) | ||
| if (replacement !== undefined) { | ||
| const fakeLetter = Array.isArray(replacement) ? replacement[Math.floor(Math.random() * replacement.length)] : replacement | ||
| if (replacement !== undefined) { | ||
| const fakeLetter = Array.isArray(replacement) ? replacement[Math.floor(Math.random() * replacement.length)] : replacement | ||
| if (typeof condition === 'function') { | ||
| if (condition()) text = splice(text, pos, 1, fakeLetter) | ||
| } else { | ||
| text = splice(text, pos, 1, fakeLetter) | ||
| if (typeof condition === 'function') { | ||
| if (condition()) text = splice(text, pos, 1, fakeLetter) | ||
| } else { | ||
| text = splice(text, pos, 1, fakeLetter) | ||
| } | ||
| } | ||
@@ -40,0 +43,0 @@ } |
| { | ||
| "name": "homoglyph", | ||
| "version": "1.0.2", | ||
| "version": "1.1.0", | ||
| "description": "Replace ascii chars with their same looking utf8 chars.", | ||
@@ -5,0 +5,0 @@ "main": "index.js", |
| import test from 'ava' | ||
| import { encode } from './' | ||
| import fs from 'fs'; | ||
| test('encode', t => { | ||
| const output = encode('text', { probability: 100 }) | ||
| console.log(output) | ||
| t.pass() | ||
| t.end() | ||
| const output = encode('text ;', { probability: 100, chars: ' ;' }) | ||
| console.log(output) | ||
| t.pass() | ||
| t.end() | ||
| }) |
New alerts
AI-detected possible typosquat
Supply chain riskAI has identified this package as a potential typosquat of a more popular package. This suggests that the package may be intentionally mimicking another package's name, description, or other metadata.
Found 1 instance in 1 package
Fixed alerts
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by2.16%
7943
- Lines of code
- increased by1.32%
154
- Number of low supply chain risk alerts
- decreased by-100%
0
Worsened metrics
- Number of medium supply chain risk alerts
- increased byInfinity%
1
No dependency changes