
Security News
/Research
Compromised Injective SDK npm Package Exfiltrates Wallet Keys and Mnemonics
Compromised Injective SDK npm version 1.20.21 exfiltrates wallet private keys and mnemonics through fake telemetry functionality.
multimatch
Advanced tools
Extends
minimatch.match()with support for multiple patterns
npm install multimatch
import multimatch from 'multimatch';
multimatch(['unicorn', 'cake', 'rainbows'], ['*', '!cake']);
//=> ['unicorn', 'rainbows']
See the tests for more usage examples and expected matches.
Returns an array of matching paths in the order of input paths.
Type: string | string[]
The paths to match against.
Type: string | string[]
Globbing patterns to use. For example: ['*', '!cake']. See supported minimatch patterns.
Type: object
See the minimatch options.
Positive patterns (e.g. foo or *) add to the results, while negative patterns (e.g. !foo) subtract from the results.
Therefore a lone negation (e.g. ['!foo']) will never match anything. Use ['*', '!foo'] instead.
Just a quick overview.
* matches any number of characters, but not /? matches a single character, but not /** matches any number of characters, including /, as long as it's the only thing in a path part{} allows for a comma-separated list of "or" expressions! at the beginning of a pattern will negate the matchThe 'glob' package provides similar functionality for matching files using glob patterns. Unlike multimatch, glob interacts directly with the filesystem to filter files based on patterns. This makes it more suited for operations that require reading from or writing to the disk, but less convenient for filtering an existing list of file paths.
The 'minimatch' package is the core matching library behind multimatch. It offers the fundamental functionality for pattern matching but does so on a one-pattern-at-a-time basis. Multimatch extends this by allowing multiple patterns to be used simultaneously, making it more convenient for complex matching scenarios.
FAQs
Extends `minimatch.match()` with support for multiple patterns
The npm package multimatch receives a total of 4,957,429 weekly downloads. As such, multimatch popularity was classified as popular.
We found that multimatch demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Security News
/Research
Compromised Injective SDK npm version 1.20.21 exfiltrates wallet private keys and mnemonics through fake telemetry functionality.

Security News
npm v12 is generally available, turning install scripts off by default and beginning the deprecation of 2FA-bypass publishing tokens.

Research
/Security News
Socket tracks the activity as Operation “Muck and Load”: a threat actor uses commit-farming workflows, public dead drops, and protected archives to stage Windows RAT and infostealer malware.