Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
ip-address
Advanced tools
The ip-address npm package provides utilities for handling, validating, and manipulating IPv4 and IPv6 addresses in JavaScript. It's useful for applications that need to work with IP addresses, whether it's for networking, security, or data analysis purposes.
Parsing and validating IP addresses
This feature allows you to parse and validate IPv4 and IPv6 addresses. The example demonstrates how to create IPv4 and IPv6 objects from string representations of the addresses.
const {IPv4, IPv6} = require('ip-address');
let ipv4 = new IPv4('192.168.0.1');
let ipv6 = new IPv6('2001:0db8:85a3:0000:0000:8a2e:0370:7334');
Checking if an IP address is in a subnet
This feature enables checking if an IP address belongs to a specific subnet. The code sample checks if the '192.168.1.1' address is within the '192.168.1.0/24' subnet.
const {IPv4} = require('ip-address');
let ipv4 = new IPv4('192.168.1.1');
console.log(ipv4.isInSubnet(new IPv4('192.168.1.0/24')));
Converting IP addresses to binary representation
This feature allows converting IP addresses to their binary representation. The example converts the IPv4 address '192.168.1.1' to its binary form.
const {IPv4} = require('ip-address');
let ipv4 = new IPv4('192.168.1.1');
console.log(ipv4.binaryZeroPad());
The 'ip' package provides basic utilities for IP address manipulation, including subnet calculations and IP version checking. It's simpler and has fewer features compared to 'ip-address', which offers more comprehensive IPv6 support and address parsing capabilities.
The 'cidr-js' package is focused on CIDR (Classless Inter-Domain Routing) block calculations, such as checking if an IP address is within a CIDR block. While it overlaps with some functionalities of 'ip-address', it doesn't provide as extensive support for individual IP address manipulations or validations.
ip-address
is a library for validating and manipulating IPv4 and IPv6
addresses in JavaScript.
ip-address
was rewritten in TypeScript for version 7. If you were using
version 6 you'll need to make these changes to upgrade:
isValid()
, which has been removed, you'll need to use a
try
/catch
if you're accepting unknown input. This made the TypeScript
types substantially easier as well as allowed the use of an AddressError
class which will contain a parseMessage
if an error occurred in the parsing
step.error
, parseError
, and valid
attributes you'll
need to use the message
and parseMessage
of the thrown AddressError
.Documentation is available at ip-address.js.org.
var Address6 = require('ip-address').Address6;
var address = new Address6('2001:0:ce49:7601:e866:efff:62c3:fffe');
var teredo = address.inspectTeredo();
teredo.client4; // '157.60.0.1'
Address6.fromURL(url)
::ffff:192.168.0.1
)FAQs
A library for parsing IPv4 and IPv6 IP addresses in node and the browser.
The npm package ip-address receives a total of 12,689,160 weekly downloads. As such, ip-address popularity was classified as popular.
We found that ip-address demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.