
Security News
Research
Destructive npm Packages Disguised as Utilities Enable Remote System Wipe
Socket uncovered two npm packages that register hidden HTTP endpoints to delete all files on command.
Check if a Buffer/Uint8Array is a EOT
$ npm install --save is-eot
var readChunk = require('read-chunk'); // npm install read-chunk
var isEot = require('is-eot');
var buffer = readChunk.sync('font.eot', 0, 36);
isEot(buffer);
//=> true
var xhr = new XMLHttpRequest();
xhr.open('GET', 'font.eot');
xhr.responseType = 'arraybuffer';
xhr.onload = function () {
isEot(new Uint8Array(this.response));
//=> true
};
xhr.send();
Accepts a Buffer (Node.js) or Uint8Array.
$ npm test
test file from Font-Awesome
MIT © junmer
FAQs
Check if a Buffer/Uint8Array is EOT
The npm package is-eot receives a total of 2,549 weekly downloads. As such, is-eot popularity was classified as popular.
We found that is-eot demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
Socket uncovered two npm packages that register hidden HTTP endpoints to delete all files on command.
Research
Security News
Malicious Ruby gems typosquat Fastlane plugins to steal Telegram bot tokens, messages, and files, exploiting demand after Vietnam’s Telegram ban.
Research
Security News
Socket uncovered four malicious npm packages that exfiltrate up to 85% of a victim’s Ethereum or BSC wallet using obfuscated JavaScript.