Security News
The Hidden Blast Radius of the Axios Compromise
The Axios compromise shows how time-dependent dependency resolution makes exposure harder to detect and contain.
By Ahmad Nassri - Apr 01, 2026
New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details → →
mfp-strings
Advanced tools
Provide an API for handling externalized/translated strings in a way that is compliant with IBM GTV guidelines.
Usage
var strings = require('mfp-strings');
var path = require('path');
// load up the nls folder
var localizedMessages = strings({locales: path.join(__dirname, 'nls')});
// show a simple localized message
console.log(localizedMessages.simpleMessage);
The "locales" property should be set to a folder which contains the translated message files. These files are expected to be named "messages.json" to contain a simple JSON object with one level of key-value pairs. The key represents the message in code, and the value will be the translated message for that key. Each translated file is put into separate folders whose name matches the locale code for the translation. For example, the Finnish translation would be located at: nls/fi/messages.json since "fi" is the locale code for the Finnish language.
ibm-stings also comes with a set of convenience methods to help you maintain a consistent color scheme when displaying errors and such:
strings.success('Success:' + localizedMessages.simpleMessage);
strings.info('Info:' + localizedMessages.simpleMessage);
strings.fatal(localizedMessages.simpleMessage);
Additionally, localized messages can contain templated sections which can be injected with values at runtime. For example, this message:
"messageWithTemplate": "Hello, {0}"
will display as "Hello, John" when invoked in the following way, using the format() function:
console.log(strings.format(localizedMessages.messageWithTemplate, 'John'));
The format() function's first argument is the localized message, and all following arguments are the values to be inserted into the message template. The order of the arguments determines how the values are injected into the message. For example, this message:
"messageWithReorderedTemplate": "The array index order matters: {1} {2} {0}"
will display as "The array index order matters: Index1 Index2 Index0" when invoked in the following manner:
console.log(strings.format(localizedMessages.messageWithReorderedTemplate, 'Index0', 'Index1', 'Index2'));
where the positional index of the arguments passed into the format() function determines which template sections are replaced with that argument. This allows for translators to rearrange the template sections as the specific language's rules of grammar dictate.
Examples
Please see the example project to see mfp-strings in action.
License
IBM Proprietary
FAQs
A module for internationalization of strings.
We found that mfp-strings demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 0 open source maintainers collaborating on the project.
Package last updated on 07 Feb 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Supply Chain Attack on Axios Pulls Malicious Dependency from npm
A supply chain attack on Axios introduced a malicious dependency, plain-crypto-js@4.2.1, published minutes earlier and absent from the project’s GitHub releases.
By Socket Research Team - Mar 31, 2026
Research
TeamPCP Compromises Telnyx Python SDK to Deliver Credential-Stealing Malware
Malicious versions of the Telnyx Python SDK on PyPI delivered credential-stealing malware via a multi-stage supply chain attack.
By Socket Research Team - Mar 27, 2026