Research
npm Malware Targets Telegram Bot Developers with Persistent SSH Backdoors
Malicious npm packages posing as Telegram bot libraries install SSH backdoors and exfiltrate data from Linux developer machines.
By Kush Pandya - Apr 18, 2025
You're Invited: Meet the Socket team at BSidesSF and RSAC - April 27 - May 1.RSVP →
What is pad?
The 'pad' npm package is a simple utility for padding strings to a specified length with a given character. It is useful for formatting text output, ensuring consistent string lengths, and aligning text in console applications or logs.
What are pad's main functionalities?
Left Padding
Pads the string 'Hello' with spaces on the left to make its total length 10 characters.
const pad = require('pad');
console.log(pad(10, 'Hello')); // ' Hello'Right Padding
Pads the string 'Hello' with spaces on the right to make its total length 10 characters.
const pad = require('pad');
console.log(pad.right(10, 'Hello')); // 'Hello 'Custom Character Padding
Pads the string 'Hello' with dots on the left to make its total length 10 characters.
const pad = require('pad');
console.log(pad(10, 'Hello', '.')); // '.....Hello'Other packages similar to pad
left-pad
The 'left-pad' package is a popular utility for left-padding strings with a specified character. It is similar to 'pad' but focuses solely on left-padding functionality.
string-pad
The 'string-pad' package provides both left and right padding functionalities, similar to 'pad'. It allows padding with custom characters and offers more flexibility in padding options.
pad-left
The 'pad-left' package is another utility for left-padding strings. It is similar to 'left-pad' and 'pad' but focuses exclusively on left-padding.
Node.js pad
Node Pad is a simple and elegant function to pad strings in both left and right directions. It is written in Typescript and it support both CommonJS and ESM.
Usage
The API is quite simple:
import pad from "pad";
// Or const pad = require("pad")
pad("pad", 5); // "pad "
pad(5, "pad"); // " pad"
pad("pad", 5, "+"); // "pad++"
pad(5, "pad", "+"); // "++pad"
For TypeScript users, the type definition files are located in "./lib/index.d.ts" and declared inside the "package.json" file.
Bundles
Node Pad comes in multiple flavours depending on your target environment:
- CommonJS:
dist/pad.cjs.js
Bundle used by Node.js and compatible with ES5. It is declared inside thepackage.jsonby themainproperty and used by default withrequire("pad")in a Node.js environment. - ES module:
dist/pad.esm.js
Bundle using the ECMAScript standard defined in ES6 for working with modules. The path to the ES module is declared inside thepackage.jsonby themoduleproperty for ESM-aware tools like Rollup and webpack 2+.
The CommonJS syntax to import Node Pad is:
const pad = require("pad/dist/pad.cjs.js");
// Or simply
const pad = require("pad");
While the ES Modules syntax is:
import pad from "pad/dist/pad.esm.js";
// Or for ESM-aware tools
import pad from "pad";
Options
Options are provided as a third argument and are all optional. A string argument it is interpreted as the "char" option. Accepted options include:
char(string)
The character used to fill the gap.colors(boolean)
Ajust to hidden terminal color characters, you may also userequire 'pad/lib/colors'to avoid passing this option.strip(boolean)
Remove characters from text if length smaller than text length, default to "false".fixed_width(boolean)
An optimization option to disable the usage of the wcwdith package to handle the discovery of characters using more than one column for display. one column to displaywcwidth_options(object)
Options passed to the wcwidth package used to calculate the display width of characters using more than one column.
Left padding: pad(length, text, [options])
Left padding occurs when the first argument is a number and the second argument is a string.
import pad from "pad";
pad(5, "pad", "-").should.eql("--pad");
Right padding: pad(text, length, [options])
Right padding occurs when the first argument is a string and the second argument is a number.
import pad from "pad";
pad("pad", 6).should.eql("pad ");
Installing
Starting with version 1.1.0, Node pad rely on Node.js 4.0.0 or more recent. Stick to version 1.0.x if using an older version of Node.js.
Via npm:
npm install pad
Via git (or downloaded tarball), copy or link the project from a discoverable Node.js directory:
git clone http://github.com/adaltas/node-pad.git
Testing
Clone the repo, install the development dependencies and run the suite:
git clone http://github.com/adaltas/node-pad.git .
npm install
make test
Contributors
The project is sponsored by Adaltas based in Paris, France. Adaltas offers support and consulting on distributed systems, big data and open source.
FAQs
Left and right string padding
The npm package pad receives a total of 221,655 weekly downloads. As such, pad popularity was classified as popular.
We found that pad demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Package last updated on 29 Sep 2024
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Python Tools Are Quickly Adopting the New pylock.toml Standard
pip, PDM, pip-audit, and the packaging library are already adding support for Python’s new lock file format.
By Sarah Gooding - Apr 18, 2025
Product
Go Support Is Now Generally Available
Socket's Go support is now generally available, bringing automatic scanning and deep code analysis to all users with Go projects.
By Peter van der Zee, Ryan Eberhardt - Apr 17, 2025