Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
image-size
Advanced tools
The image-size npm package is a module that provides a simple API to determine the dimensions of an image file. It supports a variety of image formats, including but not limited to JPEG, PNG, GIF, BMP, and WebP. The package can be used in both synchronous and asynchronous contexts and can handle local files as well as remote images via URLs.
Synchronous image size retrieval
This feature allows you to synchronously get the dimensions of an image by providing the path to the image file.
const sizeOf = require('image-size');
const dimensions = sizeOf('path/to/image.jpg');
console.log(dimensions.width, dimensions.height);
Asynchronous image size retrieval
This feature allows you to asynchronously get the dimensions of an image by providing the path to the image file and a callback function.
const sizeOf = require('image-size');
sizeOf('path/to/image.jpg', (err, dimensions) => {
if (err) throw err;
console.log(dimensions.width, dimensions.height);
});
Image size retrieval from a buffer
This feature allows you to get the dimensions of an image from a buffer, which is useful when you have the image data in memory rather than stored in a file.
const sizeOf = require('image-size');
const fs = require('fs');
fs.readFile('path/to/image.jpg', (err, data) => {
if (err) throw err;
const dimensions = sizeOf(data);
console.log(dimensions.width, dimensions.height);
});
Sharp is a high-performance Node.js image processing library that provides a wide range of functionality including resizing, cropping, rotating, and format conversion. It is faster than image-size as it's built on libvips, but it's more complex and has a larger footprint.
Jimp is an image processing library for Node.js that allows for image manipulation and conversion in pure JavaScript without any native dependencies. It offers more features than image-size, such as image manipulation, but it is slower due to its JavaScript-based implementation.
Probe-image-size is a Node.js module to determine image sizes and types in a streaming fashion, which can be useful for remote images. It is similar to image-size but focuses on working with streams and can handle partial data, which is useful for getting dimensions without downloading the whole image.
A Node module to get dimensions of any image file
npm install image-size --save
var sizeOf = require('image-size');
var dimensions = sizeOf('images/funny-cats.png');
console.log(dimensions.width, dimensions.height);
var sizeOf = require('image-size');
sizeOf('images/funny-cats.png', function (err, dimensions) {
console.log(dimensions.width, dimensions.height);
});
NOTE: The asynchronous version doesn't work if the input is a Buffer. Use synchronous version instead.
var { promisify } = require('util');
var sizeOf = promisify(require('image-size'));
sizeOf('images/funny-cats.png')
.then(dimensions => { console.log(dimensions.width, dimensions.height); })
.catch(err => console.error(err));
var { promisify } = require('util');
var sizeOf = promisify(require('image-size'));
try {
const dimensions = await sizeOf('images/funny-cats.png');
console.log(dimensions.width, dimensions.height);
} catch (err) {
console.error(err);
}
If the target file is an icon (.ico) or a cursor (.cur), the width
and height
will be the ones of the first found image.
An additional images
array is available and returns the dimensions of all the available images
var sizeOf = require('image-size');
var images = sizeOf('images/multi-size.ico').images;
for (const dimensions of images) {
console.log(dimensions.width, dimensions.height);
}
var url = require('url');
var http = require('http');
var sizeOf = require('image-size');
var imgUrl = 'http://my-amazing-website.com/image.jpeg';
var options = url.parse(imgUrl);
http.get(options, function (response) {
var chunks = [];
response.on('data', function (chunk) {
chunks.push(chunk);
}).on('end', function() {
var buffer = Buffer.concat(chunks);
console.log(sizeOf(buffer));
});
});
You can optionally check the buffer lengths & stop downloading the image after a few kilobytes. You don't need to download the entire image
npm install image-size --global
image-size image1 [image2] [image3] ...
not a direct port, but an attempt to have something like dabble's imagesize as a node module.
FAQs
get dimensions of any image file
The npm package image-size receives a total of 9,039,308 weekly downloads. As such, image-size popularity was classified as popular.
We found that image-size demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.