Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
image-size
Advanced tools
The image-size npm package is a module that provides a simple API to determine the dimensions of an image file. It supports a variety of image formats, including but not limited to JPEG, PNG, GIF, BMP, and WebP. The package can be used in both synchronous and asynchronous contexts and can handle local files as well as remote images via URLs.
Synchronous image size retrieval
This feature allows you to synchronously get the dimensions of an image by providing the path to the image file.
const sizeOf = require('image-size');
const dimensions = sizeOf('path/to/image.jpg');
console.log(dimensions.width, dimensions.height);
Asynchronous image size retrieval
This feature allows you to asynchronously get the dimensions of an image by providing the path to the image file and a callback function.
const sizeOf = require('image-size');
sizeOf('path/to/image.jpg', (err, dimensions) => {
if (err) throw err;
console.log(dimensions.width, dimensions.height);
});
Image size retrieval from a buffer
This feature allows you to get the dimensions of an image from a buffer, which is useful when you have the image data in memory rather than stored in a file.
const sizeOf = require('image-size');
const fs = require('fs');
fs.readFile('path/to/image.jpg', (err, data) => {
if (err) throw err;
const dimensions = sizeOf(data);
console.log(dimensions.width, dimensions.height);
});
Sharp is a high-performance Node.js image processing library that provides a wide range of functionality including resizing, cropping, rotating, and format conversion. It is faster than image-size as it's built on libvips, but it's more complex and has a larger footprint.
Jimp is an image processing library for Node.js that allows for image manipulation and conversion in pure JavaScript without any native dependencies. It offers more features than image-size, such as image manipulation, but it is slower due to its JavaScript-based implementation.
Probe-image-size is a Node.js module to determine image sizes and types in a streaming fashion, which can be useful for remote images. It is similar to image-size but focuses on working with streams and can handle partial data, which is useful for getting dimensions without downloading the whole image.
A Node module to get dimensions of any image file
npm install image-size --save
or
yarn add image-size
const sizeOf = require("image-size")
const dimensions = sizeOf("images/funny-cats.png")
console.log(dimensions.width, dimensions.height)
const sizeOf = require("image-size")
sizeOf("images/funny-cats.png", function (err, dimensions) {
console.log(dimensions.width, dimensions.height)
})
NOTE: The asynchronous version doesn't work if the input is a Buffer. Use synchronous version instead.
Also, the asynchronous functions have a default concurrency limit of 100
To change this limit, you can call the setConcurrency
function like this:
const sizeOf = require("image-size")
sizeOf.setConcurrency(123456)
const { promisify } = require("util")
const sizeOf = promisify(require("image-size"))
sizeOf("images/funny-cats.png")
.then((dimensions) => {
console.log(dimensions.width, dimensions.height)
})
.catch((err) => console.error(err))
const { promisify } = require("util")
const sizeOf = promisify(require("image-size"))(async () => {
try {
const dimensions = await sizeOf("images/funny-cats.png")
console.log(dimensions.width, dimensions.height)
} catch (err) {
console.error(err)
}
})().then((c) => console.log(c))
If the target file is an icon (.ico) or a cursor (.cur), the width
and height
will be the ones of the first found image.
An additional images
array is available and returns the dimensions of all the available images
const sizeOf = require("image-size")
const images = sizeOf("images/multi-size.ico").images
for (const dimensions of images) {
console.log(dimensions.width, dimensions.height)
}
const url = require("url")
const http = require("http")
const sizeOf = require("image-size")
const imgUrl = "http://my-amazing-website.com/image.jpeg"
const options = url.parse(imgUrl)
http.get(options, function (response) {
const chunks = []
response
.on("data", function (chunk) {
chunks.push(chunk)
})
.on("end", function () {
const buffer = Buffer.concat(chunks)
console.log(sizeOf(buffer))
})
})
You can optionally check the buffer lengths & stop downloading the image after a few kilobytes. You don't need to download the entire image
const imageSize = require("image-size")
imageSize.disableTypes(["tiff", "ico"])
const imageSize = require("image-size")
imageSize.disableFS(true)
If the orientation is present in the JPEG EXIF metadata, it will be returned by the function. The orientation value is a number between 1 and 8 representing a type of orientation.
const sizeOf = require("image-size")
const dimensions = sizeOf("images/photo.jpeg")
console.log(dimensions.orientation)
npm install image-size --global
or
yarn global add image-size
followed by
image-size image1 [image2] [image3] ...
not a direct port, but an attempt to have something like dabble's imagesize as a node module.
FAQs
get dimensions of any image file
The npm package image-size receives a total of 6,671,043 weekly downloads. As such, image-size popularity was classified as popular.
We found that image-size demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.