Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
node-stringprep
Advanced tools
Readme
Exposes predefined Unicode normalization functions that are required by many protocols. This is just a binding to ICU, which is said to be fast..
If ICU is not available then we make use of JavaScript fallbacks.
var StringPrep = require('node-stringprep').StringPrep;
var prep = new StringPrep('nameprep');
prep.prepare('Äffchen') // => 'äffchen'
For a list of supported profiles, see node-stringprep.cc
Javascript fallbacks can be disabled/enabled using the following methods on the StringPrep
object:
var prep = new StringPrep('resourceprep')
prep.disableJsFallbacks()
prep.enableJsFallbacks()
Javascript fallbacks are enabled by default. You can also check to see if native icu
bindings can/will be used by calling the isNative()
method:
var prep = new StringPrep('resourceprep')
prep.isNative() // true or false
We also implement the ToASCII and ToUnicode operations as defined in the IDNA RFC 3490. These routines convert Unicode to ASCII with NamePrep and then with Punycode, and vice versa.
var nodeStringPrep = require('node-stringprep');
nodeStringPrep.toASCII('i♥u') // 'xn--iu-t0x'
nodeStringPrep.toUnicode('xn--iu-t0x') // 'i♥u'
The operations can be finessed with an optional second argument, a set of boolean flags:
nodeStringPrep.toASCII('i♥u', {
allowUnassigned: true, // allow unassigned code points to be converted
throwIfError: true, // throw exception if error, don't return string unchanged
useSTD3Rules: true // use the STD3 ASCII rules for host names
})
nodeStringPrep.toUnicode('xn--iu-t0x', {
allowUnassigned: true // allow unassigned code points to be converted
})
npm i node-stringprep
If libicu
isn't available installation will gracefully fail and javascript fallbacks will be used.
If experiencing issues with node-gyp please see https://github.com/TooTallNate/node-gyp/issues/363 which may be able to help.
apt-get install libicu-dev
yum install libicu-devel
emerge icu
port install icu +devel
sudo ln -s /opt/boxen/homebrew/Cellar/icu4c/52.1/bin/icu-config /usr/local/bin/icu-config
sudo ln -s /opt/boxen/homebrew/Cellar/icu4c/52.1/include/* /usr/local/include
brew install icu4c
ln -s /usr/local/Cellar/icu4c/<VERSION>/bin/icu-config /usr/local/bin/icu-config
ln -s /usr/local/Cellar/icu4c/<VERSION>/include/* /usr/local/include
If experiencing issues with 'homebrew' installing version 50.1 of icu4c, try the following:
brew search icu4c
brew tap homebrew/versions
brew versions icu4c
cd $(brew --prefix) && git pull --rebase
git checkout c25fd2f $(brew --prefix)/Library/Formula/icu4c.rb
brew install icu4c
npm test
FAQs
ICU StringPrep profiles
The npm package node-stringprep receives a total of 77 weekly downloads. As such, node-stringprep popularity was classified as not popular.
We found that node-stringprep demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.