Security News
NIST Misses 2024 Deadline to Clear NVD Backlog
NIST has failed to meet its self-imposed deadline of clearing the NVD's backlog by the end of the fiscal year. Meanwhile, CVE's awaiting analysis have increased by 33% since June.
A pure javascript QR code reading library that takes in raw images and will locate, extract and parse any QR code found within.
The jsqr npm package is a JavaScript library for detecting and decoding QR codes from images. It is designed to be lightweight and efficient, making it suitable for use in web applications where QR code scanning functionality is needed.
Detect and Decode QR Code from Image Data
This feature allows you to detect and decode a QR code from image data. The `jsQR` function takes the image data, width, and height as input and returns the decoded QR code data if a QR code is found.
const jsQR = require('jsqr');
const imageData = getImageDataFromCanvas(); // Assume this function gets image data from a canvas element
const qrCode = jsQR(imageData.data, imageData.width, imageData.height);
if (qrCode) {
console.log('Found QR code', qrCode.data);
} else {
console.log('No QR code found');
}
The qrcode-reader package is another JavaScript library for reading QR codes from images. It provides similar functionality to jsqr but also includes additional features like handling different image formats and supporting more complex QR code structures.
The qr-scanner package is a lightweight library for scanning QR codes using the browser's camera. It is designed for real-time QR code scanning and provides a simple API for integrating QR code scanning functionality into web applications. Compared to jsqr, qr-scanner is more focused on real-time scanning rather than decoding from static images.
A pure javascript QR code reading library. This library takes in raw images and will locate, extract and parse any QR code found within.
Available on npm. Can be used in a Node.js program or with a module bundler such as Webpack or Browserify.
npm install jsqr --save
// ES6 import
import jsQR from "jsqr";
// CommonJS require
const jsQR = require("jsqr");
jsQR(...);
Alternatively for frontend use jsQR.js
can be included with a script tag
<script src="jsQR.js"></script>
<script>
jsQR(...);
</script>
jsQR is designed to be a completely standalone library for scanning QR codes. By design it does not include any platform specific code. This allows it to just as easily scan a frontend webcam stream, a user uploaded image, or be used as part of a backend Node.js process.
If you want to use jsQR to scan a webcam stream you'll need to extract the ImageData
from the video stream. This can then be passed to jsQR. The jsQR demo contains a barebones implementation of webcam scanning that can be used as a starting point and customized for your needs. For more advanced questions you can refer to the getUserMedia
docs or the fairly comprehensive webRTC sample code, both of which are great resources for consuming a webcam stream.
jsQR exports a method that takes in 3 arguments representing the image data you wish to decode. Additionally can take an options object to further configure scanning behavior.
const code = jsQR(imageData, width, height, options?);
if (code) {
console.log("Found QR code", code);
}
imageData
- An Uint8ClampedArray
of RGBA pixel values in the form [r0, g0, b0, a0, r1, g1, b1, a1, ...]
.
As such the length of this array should be 4 * width * height
.
This data is in the same form as the ImageData
interface, and it's also commonly returned by node modules for reading images.width
- The width of the image you wish to decode.height
- The height of the image you wish to decode.options
(optional) - Additional options.
inversionAttempts
- (attemptBoth
(default), dontInvert
, onlyInvert
, or invertFirst
) - Should jsQR attempt to invert the image to find QR codes with white modules on black backgrounds instead of the black modules on white background. This option defaults to attemptBoth
for backwards compatibility but causes a ~50% performance hit, and will probably be default to dontInvert
in future versions.If a QR is able to be decoded the library will return an object with the following keys.
binaryData
- Uint8ClampedArray
- The raw bytes of the QR code.data
- The string version of the QR code data.chunks
- The QR chunks.version
- The QR version.location
- An object with keys describing key points of the QR code. Each key is a point of the form {x: number, y: number}
.
Has points for the following locations.
topRightCorner
/topLeftCorner
/bottomRightCorner
/bottomLeftCorner
;topRightFinderPattern
/topLeftFinderPattern
/bottomLeftFinderPattern
bottomRightAlignmentPattern
assuming one exists and can be located.Because the library is written in typescript you can also view the type definitions to understand the API.
jsQR is written using typescript.
You can view the development source in the src
directory.
Tests can be run with
npm test
Besides unit tests the test suite contains several hundred images that can be found in the /tests/end-to-end/ folder.
Not all the images can be read. In general changes should hope to increase the number of images that read. However due to the nature of computer vision some changes may cause images that pass to start to fail and visa versa. To update the expected outcomes run npm run-script generate-test-data
. These outcomes can be evaluated in the context of a PR to determine if a change improves or harms the overall ability of the library to read QR codes. A summary of which are passing
and failing can be found at /tests/end-to-end/report.json
After testing any changes, you can compile the production version by running
npm run-script build
Pull requests are welcome! Please create seperate branches for seperate features/patches.
FAQs
A pure javascript QR code reading library that takes in raw images and will locate, extract and parse any QR code found within.
The npm package jsqr receives a total of 165,074 weekly downloads. As such, jsqr popularity was classified as popular.
We found that jsqr demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
NIST has failed to meet its self-imposed deadline of clearing the NVD's backlog by the end of the fiscal year. Meanwhile, CVE's awaiting analysis have increased by 33% since June.
Security News
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
Security News
The Socket Research team breaks down a malicious npm package targeting the legitimate DOMPurify library. It uses obfuscated code to hide that it is exfiltrating browser and crypto wallet data.