Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
multi-number-parse
Advanced tools
Library for parsing numbers in any valid format.
This library was motivated by the need to support a wide range of number formats from users. Users sometime paste prices, percentages and whatnot from spreadsheets or websites, and we couldn't force them to always use either the international format ("12345.67") or the specific user locale.
npm install multi-number-parse --save-prod
This library always returns a number, even if that number is Number.NaN
. Usage is very simple:
import parse from 'multi-number-parse';
parse('2,543.56'); // returns 2543.56
parse('10 654.1234'); // returns 10654.1234
parse('2.654$10'); // returns 2654.1
parse('2,45EUR'); // extra suff at the end is stripped, returns 2.45
parse('-2,543.56'); // negative numbers are OK, returns -2543.56
parse('10 345,234.21'); // returns NaN, too many different separators
parse('1.123.234,534,234'); // returns NaN, impossible to detect the decimal separator
parse('10.4,2'); // returns NaN, malformed digit groups
parse('1.123.2'); // returns NaN, also malformed digit groups
What happens if a number like 1.234
is passed? What about 1,234
? It's an ambiguous situation,
because the library can't detect if it's an integer or a float - at least not automatically.
That's why there's a second parameter, in which you can hint at what the standard decimal separator
should be. By default, that separator is .
(dot).
parse('1.234'); // returns 1.234
parse('1,234'); // returns 1234
parse('1.234', ','); // returns 1234
parse('1,234', ','); // returns 1.234
Found a bug? Feel free to open an issue or make a pull request. Always include tests, either for the bug or for your changes.
GNU Lesser General Public License v3.0 or later
FAQs
Library for parsing numbers in any valid format.
The npm package multi-number-parse receives a total of 190 weekly downloads. As such, multi-number-parse popularity was classified as not popular.
We found that multi-number-parse demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.