Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
punycode
Advanced tools
Package description
The punycode npm package is a robust library for encoding and decoding Unicode with Punycode. It's useful for internationalization and handling Unicode domain names and email addresses.
Encoding to Punycode
Converts a Unicode string to a Punycode string (ASCII). Mainly used for domain names.
punycode.encode('mañana') // => 'maana-pta'
Decoding from Punycode
Converts a Punycode string (ASCII) back to a Unicode string. Useful for displaying human-readable text.
punycode.decode('maana-pta') // => 'mañana'
Unicode to ASCII conversion for domain names
Converts a Unicode domain name to an ASCII-compatible encoding (ACE) domain name.
punycode.toASCII('español.example.com') // => 'xn--espaol-zwa.example.com'
ASCII to Unicode conversion for domain names
Converts an ASCII-compatible encoding (ACE) domain name back to a Unicode domain name.
punycode.toUnicode('xn--espaol-zwa.example.com') // => 'español.example.com'
A library that implements IDNA (Internationalized Domain Names in Applications) to Punycode conversion using the latest Unicode version. It's similar to punycode but follows the IDNA 2008 protocol, which is more up-to-date compared to the IDNA 2003 protocol that punycode follows.
This package provides a simple API for converting between Unicode and Punycode in URLs. It's similar to punycode but is more focused on URL-specific transformations.
Readme
Punycode.js is a robust Punycode converter that fully complies to RFC 3492 and RFC 5891.
This JavaScript library is the result of comparing, optimizing and documenting different open-source implementations of the Punycode algorithm:
punycode.c
by Markus W. Scherer (IBM)punycode.c
by Ben Noordhuispunycode.js
by Ben Noordhuis (note: not fully compliant)This project was bundled with Node.js from v0.6.2+ until v7 (soft-deprecated).
The current version supports recent versions of Node.js only. It provides a CommonJS module and an ES6 module. For the old version that offers the same functionality with broader support, including Rhino, Ringo, Narwhal, and web browsers, see v1.4.1.
Via npm:
npm install punycode --save
In Node.js:
⚠️ Note that userland modules don't hide core modules. For example,
require('punycode')
still imports the deprecated core module even if you executednpm install punycode
. Userequire('punycode/')
to import userland modules rather than core modules.
const punycode = require('punycode/');
punycode.decode(string)
Converts a Punycode string of ASCII symbols to a string of Unicode symbols.
// decode domain name parts
punycode.decode('maana-pta'); // 'mañana'
punycode.decode('--dqo34k'); // '☃-⌘'
punycode.encode(string)
Converts a string of Unicode symbols to a Punycode string of ASCII symbols.
// encode domain name parts
punycode.encode('mañana'); // 'maana-pta'
punycode.encode('☃-⌘'); // '--dqo34k'
punycode.toUnicode(input)
Converts a Punycode string representing a domain name or an email address to Unicode. Only the Punycoded parts of the input will be converted, i.e. it doesn’t matter if you call it on a string that has already been converted to Unicode.
// decode domain names
punycode.toUnicode('xn--maana-pta.com');
// → 'mañana.com'
punycode.toUnicode('xn----dqo34k.com');
// → '☃-⌘.com'
// decode email addresses
punycode.toUnicode('джумла@xn--p-8sbkgc5ag7bhce.xn--ba-lmcq');
// → 'джумла@джpумлатест.bрфa'
punycode.toASCII(input)
Converts a lowercased Unicode string representing a domain name or an email address to Punycode. Only the non-ASCII parts of the input will be converted, i.e. it doesn’t matter if you call it with a domain that’s already in ASCII.
// encode domain names
punycode.toASCII('mañana.com');
// → 'xn--maana-pta.com'
punycode.toASCII('☃-⌘.com');
// → 'xn----dqo34k.com'
// encode email addresses
punycode.toASCII('джумла@джpумлатест.bрфa');
// → 'джумла@xn--p-8sbkgc5ag7bhce.xn--ba-lmcq'
punycode.ucs2
punycode.ucs2.decode(string)
Creates an array containing the numeric code point values of each Unicode symbol in the string. While JavaScript uses UCS-2 internally, this function will convert a pair of surrogate halves (each of which UCS-2 exposes as separate characters) into a single code point, matching UTF-16.
punycode.ucs2.decode('abc');
// → [0x61, 0x62, 0x63]
// surrogate pair for U+1D306 TETRAGRAM FOR CENTRE:
punycode.ucs2.decode('\uD834\uDF06');
// → [0x1D306]
punycode.ucs2.encode(codePoints)
Creates a string based on an array of numeric code point values.
punycode.ucs2.encode([0x61, 0x62, 0x63]);
// → 'abc'
punycode.ucs2.encode([0x1D306]);
// → '\uD834\uDF06'
punycode.version
A string representing the current Punycode.js version number.
Mathias Bynens |
Punycode.js is available under the MIT license.
FAQs
A robust Punycode converter that fully complies to RFC 3492 and RFC 5891, and works on nearly all JavaScript platforms.
The npm package punycode receives a total of 73,982,721 weekly downloads. As such, punycode popularity was classified as popular.
We found that punycode demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.