Research
Security News
Kill Switch Hidden in npm Packages Typosquatting Chalk and Chokidar
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
mimic-response
Advanced tools
The mimic-response npm package is designed to copy properties from one response-like object to another. This is particularly useful when you are working with streams and you want to retain the original response properties after modifying or replacing the response stream.
Copying response properties
This feature allows you to copy properties from an HTTP response object to another stream. In this code sample, an HTTP GET request is made, and the response is piped through a new PassThrough stream, but before that, all properties of the original response are copied to the new stream using mimicResponse.
const http = require('http');
const mimicResponse = require('mimic-response');
http.get('http://example.com', (res) => {
const customResponse = new stream.PassThrough();
mimicResponse(res, customResponse);
res.pipe(customResponse);
});
The clone-response package is similar to mimic-response in that it is used to clone the response object of a Node.js HTTP response. However, clone-response creates a clone of the response stream that can be read again, while mimic-response copies the properties without creating a new readable stream.
The responselike package is designed to create an object that mimics the Node.js response object. It is similar to mimic-response but is used to create a new response-like object from scratch rather than copying properties from an existing response object.
Mimic a Node.js HTTP response stream
$ npm install mimic-response
import {PassThrough as PassThroughStream} from 'node:stream';
import mimicResponse from 'mimic-response';
const responseStream = getHttpResponseStream();
const myStream = new PassThroughStream();
mimicResponse(responseStream, myStream);
console.log(myStream.statusCode);
//=> 200
Note #1: The from.destroy(error)
function is not proxied. You have to call it manually:
import {PassThrough as PassThroughStream} from 'node:stream';
import mimicResponse from 'mimic-response';
const responseStream = getHttpResponseStream();
const myStream = new PassThroughStream({
destroy(error, callback) {
responseStream.destroy();
callback(error);
}
});
myStream.destroy();
Please note that myStream
and responseStream
never throw. The error is passed to the request instead.
Type: Stream
Type: Stream
Any stream.
FAQs
Mimic a Node.js HTTP response stream
We found that mimic-response demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
Product
Socket now supports uv.lock files to ensure consistent, secure dependency resolution for Python projects and enhance supply chain security.