Security News
The Hidden Blast Radius of the Axios Compromise
The Axios compromise shows how time-dependent dependency resolution makes exposure harder to detect and contain.
By Ahmad Nassri - Apr 01, 2026
New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details → →
maximum-matching
Advanced tools
Typescript Maximum Matching 📘
Implementation of Edmonds’ Blossom algorithm for a maximum matching in graphs with Typescript and graphology
Installation 💾
yarn add maximum-matching
# or
npm install maximum-matching
# ...
Usage 🔬
First we need to create our graph. You can use a regular one from graphology or our MatchingGraph
import { MatchingGraph, maximumMatching } from 'maximum-matching'
const graph = new MatchingGraph()
graph.addNode('1')
graph.addNode('2')
graph.addNode('3')
graph.addNode('4')
// 1 - 2
// | |
// 3 - 4
graph.addEdge('1', '2')
graph.addEdge('2', '4')
graph.addEdge('4', '3')
graph.addEdge('3', '1')
Then we can use the maximumMatching function to calculate it
const result = maximumMatching(graph)
// [ [ '1', '2' ], [ '3', '4' ] ]
Special cases 🧐
When it is not possible to create a perfect matching (e.g. in graphs with an odd number of nodes), it can be interesting to use the maximumMatchingGraph function, which returns a MatchingGraph
This is simply a subclass of UndirectedGraph from graphology that has useful methods for working with matchings.
In most cases you may not want to use them, but a very interesting one is .unpairedNodes(), which lets you know which nodes are unpaired after running the algorithm.
import { maximumMatchingGraph, MatchingGraph } from 'maximum-matching'
const graph = new MatchingGraph()
graph.addNode('Peter')
graph.addNode('Dave')
graph.addNode('Maria')
graph.addNode('Sara')
graph.addNode('Daniel')
// Peter - Dave
// | |
// Maria - Sara - Daniel
graph.addEdge('Daniel', 'Sara')
graph.addEdge('Sara', 'Maria')
graph.addEdge('Maria', 'Peter')
graph.addEdge('Peter', 'Dave')
graph.addEdge('Dave', 'Sara')
const resultGraph = maximumMatchingGraph(graph)
const maximumMatching = resultGraph.matching()
// [ [ 'Maria', 'Peter' ], [ 'Dave', 'Sara' ] ]
const unpairedNodes = resultGraph.unpairedNodes()
// [ 'Daniel' ]
calling the .matching() method in the resulting graph is the same thing as using the maximumMatching function directly.
Theory 🎓
Formal proof: Stanford University
Simplified proof: Made by me (Spanish)
Author 🧑🔬
Developed by Julio César Castro López
FAQs
Implementation of Blossom's Algorithm for Maximum Matching
We found that maximum-matching demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 01 May 2022
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Supply Chain Attack on Axios Pulls Malicious Dependency from npm
A supply chain attack on Axios introduced a malicious dependency, plain-crypto-js@4.2.1, published minutes earlier and absent from the project’s GitHub releases.
By Socket Research Team - Mar 31, 2026
Research
TeamPCP Compromises Telnyx Python SDK to Deliver Credential-Stealing Malware
Malicious versions of the Telnyx Python SDK on PyPI delivered credential-stealing malware via a multi-stage supply chain attack.
By Socket Research Team - Mar 27, 2026