
Research
/Security News
jscrambler npm Package Compromised in Supply Chain Attack
A compromised jscrambler npm release added a malicious preinstall hook that runs hidden native binaries on Linux, macOS, and Windows.
image-lossless-compressor
Advanced tools
一个简单的 npm 包,专门用于无损压缩图片并转换为 WebP 格式。
版本使用:
5.2MB -> 223KB
.jpg 和 .png 两种图片格式一定要在node上原生ESM的方式使用
npm install image-lossless-compressor
import { compressAndConvertToWebP } from 'image-lossless-compressor';
// 示例用法
compressAndConvertToWebP('path/to/image.jpg', 'path/to/destination/webp').then(() => {
console.log('图片已压缩并转换格式!');
}).catch((error) => {
console.error('发生错误:', error);
});
npm install image-lossless-compressor@1.0.5-commonjs
import { compressAndConvertToWebP } from 'image-lossless-compressor';
// 示例用法
import {
Controller,
Get,
Post,
Body,
Patch,
Param,
Delete,
UseGuards,
UseInterceptors,
UploadedFile,
Logger,
} from '@nestjs/common';
import { UploadService } from './upload.service';
import { FileInterceptor } from '@nestjs/platform-express';
// import * as path from 'path';
import { v4 as uuidv4 } from 'uuid';
import { AuthGuard } from '@nestjs/passport';
import { compressAndConvertToWebP } from 'image-lossless-compressor';
import {
ApiTags,
ApiConsumes,
ApiBody,
ApiResponse,
ApiOperation,
} from '@nestjs/swagger';
@ApiTags('upload')
@Controller('upload')
export class UploadController {
constructor(private readonly uploadService: UploadService) {}
@ApiOperation({ summary: '上传相册图片' })
@ApiResponse({ status: 200, description: '文件上传成功' })
@ApiResponse({ status: 400, description: '文件上传失败' })
@ApiConsumes('multipart/form-data')
@ApiBody({
description: '上传文件',
type: 'multipart/form-data',
schema: {
type: 'object',
properties: {
file: {
type: 'string',
format: 'binary',
},
},
},
})
@Post('album')
@UseGuards(AuthGuard())
@UseInterceptors(FileInterceptor('file'))
async upload(@UploadedFile() file): Promise<any> {
console.log(JSON.stringify(file));
const uuid = uuidv4(); // 生成唯一的uuid作为文件名
const filename = `${uuid}.webp`; // 拼接文件名
// 返回上传结果,包含文件路径等相关信息
Logger.log('upload: ' + JSON.stringify(file));
const outputFilePath = `${file.destination}/${filename}`;
// 调用图片处理函数处理并压缩图片
await compressAndConvertToWebP(file.path, outputFilePath);
Logger.log('upload-End: ' + JSON.stringify(file));
// 返回上传成功信息及处理好的图片 URL
return {
url: `/uploads/${filename}`, // 文件路径
notCompress: file.filename, // 未压缩图盘路径
originalname: file.originalname, // 文件原名
};
}
}
.webp。同时,欢迎来我的博客转转,你会和我一起成长。
FAQs
lossless compress images and convert to WebP format
The npm package image-lossless-compressor receives a total of 10 weekly downloads. As such, image-lossless-compressor popularity was classified as not popular.
We found that image-lossless-compressor demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Research
/Security News
A compromised jscrambler npm release added a malicious preinstall hook that runs hidden native binaries on Linux, macOS, and Windows.

Research
/Security News
A malicious .NET package is typosquatting the Braintree SDK to steal live payment card data, merchant API keys, and host secrets from production apps.

Security News
/Research
Compromised Injective SDK npm version 1.20.21 exfiltrates wallet private keys and mnemonics through fake telemetry functionality.