![Malicious npm Package Typosquats react-login-page to Deploy Keylogger](https://cdn.sanity.io/images/cgdhsj6q/production/007b21d9cf9e03ae0bb3f577d1bd59b9d715645a-1024x1024.webp?w=400&fit=max&auto=format)
Research
Security News
Malicious npm Package Typosquats react-login-page to Deploy Keylogger
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
microdata-node
Advanced tools
Readme
Microdata parser. Aims to be compatible with http://www.w3.org/TR/microdata/#json and http://www.w3.org/TR/microdata-rdf/
Demo over at http://janpot.github.io/microdata-node.
var microdata = require('microdata-node');
var html =
'<section itemscope itemtype="http://schema.org/Person"> ' +
' Hello, my name is ' +
' <span itemprop="name">John Doe</span>, ' +
' I am a ' +
' <span itemprop="jobTitle">graduate research assistant</span> ' +
' at the ' +
' <span itemprop="affiliation">University of Dreams</span>. ' +
' My friends call me ' +
' <span itemprop="additionalName">Johnny</span>. ' +
' You can visit my homepage at ' +
' <a href="http://www.JohnnyD.com" itemprop="url">www.JohnnyD.com</a>. ' +
' <section itemprop="address" itemscope itemtype="http://schema.org/PostalAddress">' +
' I live at ' +
' <span itemprop="streetAddress">1234 Peach Drive</span>,' +
' <span itemprop="addressLocality">Warner Robins</span>,' +
' <span itemprop="addressRegion">Georgia</span>.' +
' </section>' +
'</section>';
var json = microdata.toJson(html, {
base: 'http://www.example.com'
});
console.log(JSON.stringify(json, null, 2));
/*
{
"items": [{
"properties": {
"address": [{
"properties": {
"addressRegion": [ "Georgia" ],
"addressLocality": [ "Warner Robins" ],
"streetAddress": [ "1234 Peach Drive" ]
},
"type": [ "http://schema.org/PostalAddress" ]
}],
"url": [ "http://www.JohnnyD.com" ],
"additionalName": [ "Johnny" ],
"affiliation": [ "University of Dreams" ],
"jobTitle": [ "graduate research assistant" ],
"name": [ "John Doe" ]
},
"type": [ "http://schema.org/Person" ]
}]
}
*/
var jsonld = microdata.toJsonld(html, {
base: 'http://www.example.com'
});
console.log(JSON.stringify(jsonld, null, 2));
/*
[{
"@id": "_:0",
"@type": [ "http://schema.org/Person" ],
"http://schema.org/address": [{ "@id": "_:1" }],
"http://schema.org/url": [{ "@id": "http://www.JohnnyD.com" }],
"http://schema.org/additionalName": [{ "@value": "Johnny" }],
"http://schema.org/affiliation": [{ "@value": "University of Dreams" }],
"http://schema.org/jobTitle": [{ "@value": "graduate research assistant" }],
"http://schema.org/name": [{ "@value": "John Doe" }]
}, {
"@id": "_:1",
"@type": [ "http://schema.org/PostalAddress" ],
"http://schema.org/addressRegion": [{ "@value": "Georgia" }],
"http://schema.org/addressLocality": [{ "@value": "Warner Robins" }],
"http://schema.org/streetAddress": [{ "@value": "1234 Peach Drive" }]
}]
*/
microdata.toJson(html, [config])
parses the provided html to microdata json
microdata.toJsonld(html, [config])
parses the provided html to jsonld
options
config.base
: Base url to resolve url properties against.
config.registry
: The registry associates a URI prefix with one or more key-value pairs denoting processor behavior.
config.useRdfType
: (default false
) If set to true, rdf:type
predicates won't be converted to @type
properties.
config.strict
: (default false
) Parse strictly according to spec. Does not try to be forgiving of malformed microdata.
config.useNativeTypes
: (default true
) Converts literals that are numbers or booleans to their corresponding JSOn type.
FAQs
Unknown package
The npm package microdata-node receives a total of 3,485 weekly downloads. As such, microdata-node popularity was classified as popular.
We found that microdata-node demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
Security News
The JavaScript community has launched the e18e initiative to improve ecosystem performance by cleaning up dependency trees, speeding up critical parts of the ecosystem, and documenting lighter alternatives to established tools.
Product
Socket now supports four distinct alert actions instead of the previous two, and alert triaging allows users to override the actions taken for all individual alerts.