Product
Socket Now Supports uv.lock Files
Socket now supports uv.lock files to ensure consistent, secure dependency resolution for Python projects and enhance supply chain security.
image-headers
Advanced tools
This is a simple class that can be used with a stream to read all the metadata from an image file without storing the entire file in memory.
Typically, most libraries in Node take in the stream, save it somewhere (either a Buffer or to disk), then hand the image file off to an external library.
We have a image uploader service that basically proxies through the stream directly to S3 - we don't want to hit our disk at all. This was the only way we could hit that goal and still get our metadata.
npm install node-image-headers
See the test file for how we are using it. Here's the key snippet:
image_headers = new ImageHeaders()
new DataReader(file_name)
.on "error", (error) ->
console.log ("error: " + error)
return callback(error)
.on "byte", (b) ->
# console.log ("byte: " + b)
image_headers.add_bytes(b) unless image_headers.finished
.on "end", () ->
# console.log ("EOF");
image_headers.finish (err, image_headers) ->
return callback(err, image_headers)
.read()
That's in CoffeeScript.
The finish
call is important - it's what processes the EXIF tags (and
in the future anything similar that can benefit from an external library). This
keeps our code simpler from having us stream and parse EXIF on the fly. No library
does this well, as far as I can find.
See the LICENSE file for details, but short version: MIT License.
FAQs
Parse image headers from a stream without loading the entire image.
The npm package image-headers receives a total of 1 weekly downloads. As such, image-headers popularity was classified as not popular.
We found that image-headers demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Product
Socket now supports uv.lock files to ensure consistent, secure dependency resolution for Python projects and enhance supply chain security.
Research
Security News
Socket researchers have discovered multiple malicious npm packages targeting Solana private keys, abusing Gmail to exfiltrate the data and drain Solana wallets.
Security News
PEP 770 proposes adding SBOM support to Python packages to improve transparency and catch hidden non-Python dependencies that security tools often miss.