Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
kontonummer
Advanced tools
Readme
This is a reimagination of jop-io/kontonummer.js with some additional goals:
Some Code (c) Jonas Persson and Tobbe Lundberg which they have gracefully released under a MIT license. See LICENCE
This implementation is written in TypeScript but the following specification should be applicable to other languages as well. But some language specific modifications may be required.
As explained in the research section below there are some bank account numbers that is impossible to validate (as they do not have a check digit) that are indistinguishable from validatable accounts. I recommend using this library on form input fields but do not prevent form submission if the account number is reported as invalid. A good idea would be something like a warning saying "there is a chance this is not a valid bank account number you may want to double check."
The package should include a class that which should be the return value of parse
class Kontonummer {
constructor (sortingCode: string | number, accountNumber: string | number, options?: InitOptions)
constructor (sortingCodeAndAccountNumber: string | number, options?: InitOptions)
}
sortingCode
(sv. clearing nummer) should be one of the following formats
SSSS
SSSS-C
accountNumber
the allowed length varies, further explained in section
Account Number
White-space should be allowed in any position. Basically, only characters
matches the regex /\d/
should be taken into consideration all other
characters should be discarded.sortingCodeAndAccountNumber
should be one of the following formats
(where S
is sorting code, A
is account number and C
is a check digit.
White-space should be allowed in any position. Basically, only characters
matches the regex /\d/
should be taken into consideration all other
characters should be discarded.
SSSS,AC
SSSSAC
S-C,AC
S-CAC
S-C,A-C
S-CA-C
InitOptions
mode: 'strict' | 'semi' | 'lax'
strict
should validate sorting code, account number length and account
number check digit. Should throw if any of these checks fail.semi
should do strict checks for type 1 account numbers (4+7) but lax
checks for type 2 account numbers.lax
should not throw if the check digit of the account number cannot be
validated. Should instead set the valid
property to false if the check
digit or length is invalid. Should still throw for invalid sorting codes.The class should expose the following properties once initialised
class Kontonummer {
readonly bankName: string
readonly sortingCode: string
readonly accountNumber: string
readonly type: 1 | 2
readonly comment: 1 | 2 | 3
readonly valid: boolean // only relevant in `lax` mode
}
All methods except for validate
should throw an exception or return an error
as a second return value. Error handling may be different depending on language.
The exception/error class should be prefixed with Kontonummer
.
The class should include a static parse
method that creates a new instance of
the class. It should take the same arguments as the class constructor. This
function should also be an exported standalone method of the package.
Pseudocode:
class Kontonummer {
static parse (...args) {
return new Kontonummer(...args)
}
}
export const parse = Kontonummer.parse
The class should include a static validate
method that attempts to parse the
provided input and returns a boolean that indicates if it succeeded. validate
should not accept any options. This function should also be an exported
standalone method of the package.
Pseudocode:
class Kontonummer {
validate (sortingCode, accountNumber)
validate (sortingCodeAndAccountNumber) {
try {
new Kontonummer(sortingCode, accountNumber)
return true
} catch {
return false
}
}
}
export const validate = Kontonummer.validate
Format key:
S
: Sorting CodeA
: Account numberC
: Check digitK
: IBAN check digitB
: IBAN bank codeThe class should include a public format
method that returns the sortingCode
and accountNumber in one string. Some different formats should be available.
If no argument is provided it should default to numeric
.
type Format = 'numeric' | 'pretty'
type Part = 'full' | 'sortingCode' | 'accountNumber'
class Kontonummer {
format (format?: Format = 'numeric', part?: Part = 'full'): string
}
Name | Format |
---|---|
numeric (default) | S[C]AC where the account number is padded to the appropriate max length depending on account type |
pretty | Depends on type and bank, see research below |
[]
brackets marks optional
Moved to swantzter.se where I plan to publish research on other topics as well
FAQs
A validator for swedish banking numbers
The npm package kontonummer receives a total of 1,746 weekly downloads. As such, kontonummer popularity was classified as popular.
We found that kontonummer demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.