Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Free image manipulation API service built on top of Sharp (an alternative to Jimp, Graphics Magic, Image Magick, and PhantomJS)
npm:
npm install lipo
yarn:
yarn add lipo
To keep things simple you can use the exact same API that Sharp offers.
const lipo = require('lipo');
lipo('input.jpg')
.resize(300, 300)
.toFile('output.jpg', err => {
if (err) throw err;
console.log('resized image');
});
Lipo is a drop-in replacement for Sharp (so you won't have to worry about cross-platform installation).
You can simply replace instances of sharp
with lipo
:
-const sharp = require('sharp');
+const lipo = require('lipo');
-sharp('input.jpg')
+lipo('input.jpg')
.resize(300, 200)
.toFile('output.jpg', err => {
if (err) throw err;
console.log('resized image');
});
You can even use Lipo from the command line:
curl -F "input=@/Users/me/Desktop/input.jpg" \
-F 'queue=[ [ "resize", 300, 300 ] ]' \
-o /Users/me/Desktop/output.jpg \
https://api.lipo.io
Resize Method Options: If you need to use constant values such as
sharp.kernel.nearest
,sharp.gravity.centre
, or any other option from resize, please use the alternate form ofLipo.kernel.nearest
andLipo.gravity.centre
, respectively (just as an example)
Note that if you use make more than 100 requests per hour from the same IP address or wish to exceed 20MB file upload size limitation, we will rate limit you until you sign up for an API key at https://lipo.io.
Once you sign up for a key, you can pass it as const lipo = require('lipo')({ key: 'YOUR_API_KEY_HERE' });
or as an environment variable (e.g. LIPO_KEY=YOUR_API_KEY_HERE node app.js
).
While building Lad I was instructing our team how to install Sharp, but there was a lot of confusion with libvips and many cross-platform installation issues.
Between Docker, Ubuntu, and Mac cross-platform issues reported by the team, I wanted to drop Sharp completely as a dependency from Lad.
I tried pure JavaScript-based solutions like Jimp, and even tried PhantomJS and Puppeteer solutions, however they were all too slow.
Sharp was the fastest option, and therefore I thought making a drop-in replacement that uses a powerful server would be satisfactory.
Thus Lipo was born.
See the test folder for an example that shows how to use the middleware lipo-koa
(also see lipo-express
and other related packages below).
Lips by Orin zuu from the Noun Project
Name | Website |
---|---|
Nick Baugh | http://niftylettuce.com/ |
Imed Jaberi | https://3imed-jaberi.com/ |
Lipo, Lass, Lad, Cabin, and their respective logos are trademarks of Niftylettuce LLC. These trademarks may not be reproduced, distributed, transmitted, or otherwise used, except with the prior written permission of Niftylettuce LLC. If you are seeking permission to use these trademarks, then please contact us.
FAQs
Free image manipulation API service built on top of Sharp (an alternative to Jimp, Graphics Magic, Image Magick, and PhantomJS)
We found that lipo demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.