
Research
Malicious fezbox npm Package Steals Browser Passwords from Cookies via Innovative QR Code Steganographic Technique
A malicious package uses a QR code as steganography in an innovative technique.
A JavaScript library for converting between UUIDs and Process Street Muids (i.e. micro UUIDs).
A JavaScript library for converting between UUIDs and Process Street micro UUIDs ("Muids").
Muids are URL-safe and take up 31.25% less characters than UUIDs while encoding the same amount of information.
npm install node-muid
You need to import Muid
from the node-muid
package to use this library.
import { Muid } from 'node-muid';
var uuid = '19ab5c32-038b-4ba3-841f-b427f65e1943';
var muid = Muid.fromUuid(uuid);
// = 'hB-0J_ZeGUMZq1wyA4tLow'
The fromUuid
is case-insensitive (i.e. you can pass 19ab5c32-038b-4ba3-841f-b427f65e1943
or 19AB5C32-038B-4BA3-841F-B427F65E1943
and dash-insensitive (i.e. 19ab5c32-038b-4ba3-841f-b427f65e1943
or 19ab5c32038b4ba3841fb427f65e1943
are treated the same).
A toUuid
function is also provided for converting a Muid to a UUID:
var muid = 'hB-0J_ZeGUMZq1wyA4tLow';
var uuid = Muid.toUuid(muid);
// = '19ab5c32-038b-4ba3-841f-b427f65e1943'
The motivation behind Muids is that they take up 22 characters instead of 32. This leads to Muids taking up 31.25% less space in URLs than UUIDs.
This library is available under the MIT license.
FAQs
A JavaScript library for converting between UUIDs and Process Street Muids (i.e. micro UUIDs).
We found that node-muid demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
A malicious package uses a QR code as steganography in an innovative technique.
Research
/Security News
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.
Application Security
/Research
/Security News
Socket detected multiple compromised CrowdStrike npm packages, continuing the "Shai-Hulud" supply chain attack that has now impacted nearly 500 packages.