Research
Security News
Malicious npm Packages Use Telegram to Exfiltrate BullX Credentials
Socket uncovers an npm Trojan stealing crypto wallets and BullX credentials via obfuscated code and Telegram exfiltration.
By Kush Pandya - May 08, 2025
🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more →
layered-graph
Advanced tools
layered-graph
Compose a graph out of multiple sublayers, and in particular, expose a dynamically updating shortest paths calculation.
Later added layers override earlier layers.
API: LayeredGraph({start, max}) => layers
start is a node id that is the "root" of the graph.
hops are calculated from this node.
max is a float that is the maximum path length to include in the hops calculation.
layers.createLayer (name) => add(g) || add(from, to, value)
create a layer in this graph. returns an add function.
The add function should be called with an initial graph,
and then new edges. Each layer must be initialized.
add({}) is a valid initialization, which is adding an empty graph.
add(a, b, 1) would be adding a single edge with weight 1 between a and b.
layers.getGraph() => g
returns the current layered graph merged into one layer.
the graph is just a two level js object {}, structure {<id_a>:{<id_b>: <weight>},...}
layers.getHops(opts?) => {: }
return a hops map, of each peer id, to their hop length from start (passed to constructor)
If opts is provided, it accepts the following fields:
reverse: return hops to start instead of from start.
start: calculate hops from/to a different node.
max: set a different max distance.
If the max is smaller than the default passed to the constructor, the output will be fastest,
because it will just copy the cached value, but skip nodes at a greater distance than max.
layers.hopStream() => Source
returns a pull-stream source, where each message is a hops object (as returned by getHops) the first item will be the current state, and any subsequent objects will be diffs to that object, created by edges being added or removed in some layer in real time.
layers.onReady (fn)
call fn back once all layers have been initialized, or immediately if they are already initialized.
layers.onEdge (fn(from, to, value))
call fn when an edge is added or removed from the graph.
layers.reset()
Clear the state held by this instance, basically going back to how things were
when you called LayeredGraph({start, max}).
License
MIT
FAQs
Multigraph data structure that collapses to a simple graph
The npm package layered-graph receives a total of 1,507 weekly downloads. As such, layered-graph popularity was classified as popular.
We found that layered-graph demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 9 open source maintainers collaborating on the project.
Package last updated on 01 Sep 2022
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Security News
Backdooring the IDE: Malicious npm Packages Hijack Cursor Editor on macOS
Malicious npm packages posing as developer tools target macOS Cursor IDE users, stealing credentials and modifying files to gain persistent backdoor access.
By Kirill Boychenko - May 07, 2025
Security News
AI Slop Is Polluting Bug Bounty Platforms with Fake Vulnerability Reports
AI-generated slop reports are making bug bounty triage harder, wasting maintainer time, and straining trust in vulnerability disclosure programs.
By Sarah Gooding - May 06, 2025