
Research
/Security News
Critical Vulnerability in NestJS Devtools: Localhost RCE via Sandbox Escape
A flawed sandbox in @nestjs/devtools-integration lets attackers run code on your machine via CSRF, leading to full Remote Code Execution (RCE).
node-definer
Advanced tools
A dictionaryapi.com proxy. Make requests to dictionaryapi.com to define words using their collegiate api, and get synonyms/antonyms with their thesaurus api
Definer is a proxy utility for communicating with dictionaryapi.com to quickly define word[s] in your prefered CLI, primarly as a TUI (Text User Interface).
Simply install, add your api key and start defining!
> npm install -g node-definer
> node-definer --setup
> node-definer onomatopoeia
onomatopoeia ⌜noun⌟ ⨳ on*o*mato*poe*ia
pronounced: ˌä-nə-ˌmä-tə-ˈpē-ə
/ onomatopoeia; onomatopoeias; onomatopoeic; onomatopoeically; onomatopoetic; onomatopoetically /
∘ the naming of a thing or action by a vocal imitation of the sound associated with it (such as buzz, hiss); also : a word formed by onomatopoeia
∘ the use of words whose sound suggests the sense
? Select an option for more info or press CTRL+C to quit
(Use arrow keys)
> speak
There are 3 possible actions to execute after defining a word:
speak
: plays the pronounciation in your default browsersynonyms
: displays a list of synonymsantonyms
: displays a list of antonymsNote: synonyms and antonyms are only provided if you also include a thesaurus api key during setup
Your requests are cached in a sqlite database so that you don't exhaust your api quota on requests you've made in the past
Though this package is intended to be largely used via a CLI, there is some minimal support for importing a Definer class to define words.
The difference in the lightweight class support is that it will only return the response matches as-is, if any. It will not pretty format anything and it will also not include thesaurus support, even if you provide an api key in the CLI setup.
This is intentional, because often most defined words have multiple meanings, or matches, so it's uncertain which one[s] you need synonyms/antonyms for.
There is no need to perpetually exhaust your api quota limit to retrieve them all for 'just-in-case'
An example:
const Definer = require('node-definer');
const definer = new Definer('<collegiate api key>');
definer.define('onomatopoeia')
.then(matches => console.log(matches[0]))
.catch(console.log);
//logs
ApiResponseMatch {
headwordinfo: ApiResponseMatchHeadwordInfo {
headword: 'on*o*mato*poe*ia',
pronounciations: [
[ApiResponseMatchPronounciation],
[ApiResponseMatchPronounciation]
],
alternates: []
},
labels: ApiResponseMatchLabels {
functional: 'noun',
general: [],
parenthesized: null
},
definitions: ApiReponseMatchDefinition {
shortdefs: [
'the naming of a thing or action by a vocal imitation of the sound associated with it (such as buzz, hiss); also : a word formed by onomatopoeia',
'the use of words whose sound suggests the sense'
]
},
id: 'onomatopoeia',
query: 'onomatopoeia',
uuid: '32bb5182-d079-4291-aff2-c3ad25b3779f',
stems: [
'onomatopoeia',
'onomatopoeias',
'onomatopoeic',
'onomatopoeically',
'onomatopoetic',
'onomatopoetically'
],
date: 'circa 1553{ds||1||}'
}
FAQs
A dictionaryapi.com proxy. Make requests to dictionaryapi.com to define words using their collegiate api, and get synonyms/antonyms with their thesaurus api
The npm package node-definer receives a total of 0 weekly downloads. As such, node-definer popularity was classified as not popular.
We found that node-definer demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
A flawed sandbox in @nestjs/devtools-integration lets attackers run code on your machine via CSRF, leading to full Remote Code Execution (RCE).
Product
Customize license detection with Socket’s new license overlays: gain control, reduce noise, and handle edge cases with precision.
Product
Socket now supports Rust and Cargo, offering package search for all users and experimental SBOM generation for enterprise projects.