Research
2025 Report: Destructive Malware in Open Source Packages
Destructive malware is rising across open source registries, using delays and kill switches to wipe code, break builds, and disrupt CI/CD.
By Kush Pandya - Dec 24, 2025
nativescript-toolbox-sw
Advanced tools
nativescript-toolbox-sw
Fork of nativescript-toolbox - A NativeScript module that is a composition of useful classes, tools and helpers.
NativeScript Toolbox
A NativeScript module that is a composition of useful classes, tools and helpers.
The module contains the following sub modules:
| Name | Description |
|---|---|
| crypto-js | Library of crypto standards. |
| JS-YAML | YAML 1.2 parser / writer. |
| markdown | Markdown parser. |
| Moment | A lightweight JavaScript date library for parsing, validating, manipulating, and formatting dates. |
| nativescript-apiclient | Simply call HTTP based APIs. |
| nativescript-batch | Implement batch operations. |
| nativescript-bitmap-factory | Create and manipulate bitmap images. |
| nativescript-email | An Email plugin for use in your NativeScript app. You can use it to compose emails, edit the draft manually, and send it. |
| nativescript-enumerable | Provides LINQ style extensions for handling arrays and lists. |
| nativescript-lazy | Provides an OOP version of the build-in lazy function. |
| nativescript-routed-values | Implement routed value graphs. |
| nativescript-sqlite (free) | Provides sqlite actions. |
| nativescript-stringformat | Helpers for handling strings. |
| nativescript-xmlobjects | Handles XML data as objects similar to LINQ to XML. |
License
Platforms
- Android
- iOS
Installation
Run
tns plugin add nativescript-toolbox
inside your app project to install the module.
Usage
import Toolbox = require('nativescript-toolbox');
The module provides the following function that are short hands for the included sub modules:
| Name | Description |
|---|---|
| allowToSleep | Allows the device to go to sleep mode (based on nativescript-insomnia). |
| asBitmap | Returns a value as bitmap object. |
| asEnumerable | Returns a value as sequence. |
| createBitmap | Creates a new bitmap. |
| decrypt | Decrypts a value / an object with AES. |
| encrypt | Encrypts a value / an object with AES. |
| format | Formats a string. |
| formatArray | Formats a string. |
| fromMarkdown | Converts Markdown code. |
| fromXml | Alias for 'parseXml'. |
| fromYaml | Alias for 'parseYaml'. |
| getApplicationContext | Returns the current application context. |
| getClipboard | Returns an object that handles the clipboard of the device. |
| getNativeView | Returns the native view of the app. |
| getOrientation | Gets the current orientation of the device (based on nativescript-orientation). |
| getPlatform | Returns information of the current platform. |
| getValue | Tries to return a value / object that is stored in the application settings. |
| guid | Alias for 'uuid'. |
| hash | Generic hash function. |
| hasValue | Checks if a value / object is stored in the application settings. |
| hideStatusBar | Short hand function for 'setStatusBarVisibility' for hiding the status bar. |
| invokeForConnectivity | Invokes logic for a specific connectivity type. Requires permissions on Android (android.permission.ACCESS_NETWORK_STATE), e.g. |
| invokeForOrientation | Invokes a callback for specific orientation mode. |
| invokeForPlatform | Invokes an action for a specific platform. |
| isEnumerable | Checks if a value is a sequence. |
| keepAwake | Keeps the device awake (based on nativescript-insomnia). |
| markdownToHtml | Short hand for 'fromMarkdown()' with HTML as target format. |
| markdownToJson | Short hand for 'fromMarkdown()' with JSON as target format. |
| md5 | Hashes a value with MD5. |
| newBatch | Creates a new batch. |
| newClient | Creates a new API client. |
| now | Gets the current time. |
| openDatabase | Opens a (SQLite) database (connection). |
| openUrl | Open an URL on the device. |
| openWifiSettings | Opens the WiFi settings on the device. |
| parseXml | Parses a XML string to an object. |
| parseYaml | Parses YAML data to an object. |
| removeValue | Removes a value / object that is stored in the application settings. |
| setStatusBarVisibility | Changes the visibility of the device's status bar (based on nativescript-status-bar). |
| setValue | Stores a value / object in the application settings. |
| sha1 | Hashes a value with SHA-1. |
| sha256 | Hashes a value with SHA-256. |
| sha3 | Hashes a value with SHA-3. |
| sha384 | Hashes a value with SHA-384. |
| sha512 | Hashes a value with SHA-512. |
| showStatusBar | Short hand function for 'setStatusBarVisibility' for showing the status bar. |
| startMonitoringForConnectivity | Starts monitoring for connectivity (changes). Requires permissions on Android (android.permission.ACCESS_NETWORK_STATE), e.g. |
| stopMonitoringForConnectivity | Stops monitoring for connectivity. Requires permissions on Android (android.permission.ACCESS_NETWORK_STATE), e.g. |
| toYaml | Converts an object / a value to YAML. |
| uuid | Creates a new unique ID / GUID (s. Create GUID / UUID in JavaScript?). |
| vibrate | Vibrates the device. Requires permissions on Android (android.permission.VIBRATE), e.g. (based on nativescript-vibrate) |
Sub modules
crypto-js
Here are some examples of common algorithms:
Encrypters
var AES = require("nativescript-toolbox/crypto-js/aes");
Hashes
var MD5 = require('nativescript-toolbox/crypto-js/md5');
var SHA1 = require('nativescript-toolbox/crypto-js/sha1');
var SHA256 = require('nativescript-toolbox/crypto-js/sha256');
var SHA3 = require('nativescript-toolbox/crypto-js/sha3');
var SHA384 = require('nativescript-toolbox/crypto-js/sha384');
var SHA512 = require('nativescript-toolbox/crypto-js/sha512');
JS-YAML
var YAML = require('nativescript-toolbox/js-yaml');
markdown
var Markdown = require('nativescript-toolbox-sw/markdown').markdown;
var json = Markdown.parse('Vessel | Captain\n-----------|-------------\nNCC-1701 | James T Kirk\nNCC-1701 A | James T Kirk\nNCC-1701 D | Picard',
'Maruku');
var html = Markdown.toHTML('Vessel | Captain\n-----------|-------------\nNCC-1701 | James T Kirk\nNCC-1701 A | James T Kirk\nNCC-1701 D | Picard',
'Maruku');
Moment
import Moment = require('nativescript-toolbox/moment');
nativescript-apiclient
import ApiClient = require('nativescript-toolbox/apiclient');
nativescript-batch
import Batch = require('nativescript-toolbox/batch');
nativescript-bitmap-factory
import BitmapFactory = require('nativescript-toolbox/bitmap-factory');
nativescript-email
import Email = require('nativescript-toolbox/email');
nativescript-enumerable
import Enumerable = require('nativescript-toolbox/enumerable');
nativescript-lazy
import Lazy = require('nativescript-toolbox/lazy');
nativescript-routed-values
import RoutedValues = require('nativescript-toolbox/routed-values');
nativescript-sqlite
var SQLite = require('nativescript-toolbox/sqlite');
nativescript-stringformat
import StringFormat = require('nativescript-toolbox/stringformat');
nativescript-xmlobjects
import XmlObjects = require('nativescript-toolbox/xmlobjects');
FAQs
Fork of nativescript-toolbox - A NativeScript module that is a composition of useful classes, tools and helpers.
We found that nativescript-toolbox-sw demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 25 Dec 2017
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Engineering with AI Podcast: The Promise of AI-First Development
Socket CTO Ahmad Nassri shares practical AI coding techniques, tools, and team workflows, plus what still feels noisy and why shipping remains human-led.
By Sarah Gooding - Dec 24, 2025
Research
/Security News
Spearphishing Campaign Abuses npm Registry to Target U.S. and Allied Manufacturing and Healthcare Organizations
A five-month operation turned 27 npm packages into durable hosting for browser-run lures that mimic document-sharing portals and Microsoft sign-in, targeting 25 organizations across manufacturing, industrial automation, plastics, and healthcare for credential theft.
By Nicholas Anderson, Kirill Boychenko - Dec 23, 2025