Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
This is a javascript implementation of a queue data structure.
A queue data structure models the notion of 'First in First Out', or FIFO— image the line at the grocery store. The first item to be removed from a queue is the first item placed in the queue. Basically, the order in which items are placed in the queue matters.
This particular implementation utilizes a linked list as the underlying data structure. This offers several benefits.
We can leverage the work that has already been done to implement the linked list.
This lends itself to a level of composition and abstraction which greatly simplifies this implementation. It provides a wrapper around only those methods of the linked list that we need to construct the properties of a queue data structure.
The 'queue' or 'dequeue' operations can be completed in O(1) time.
No additional overhead is required to 'resize' the data structure to add more elements to the queue. When elements are 'queued' up in the queue, the underlying linked list will adjust its size dynamically.
For specific examples and documentation, see the below sections
The main purpose of this project is revisit the basics, and focus on the development process.
I wholehearedly acknowledge that the basic data structure space is populated with well-written code and efficient implementations, and one could easily grab one of those libraries and integrate it in their project. However, the main difference between those libraries/implementations and this one is that this is the best implementation I have ever written. My hope is that someone else will find this useful, but understand, this code is not the goal; this will simply be a useful bi-product of the journey. The underlying motivation is to understand and, more importantly, learn from the process to get to the desired end-state—for me it is all about the joy of the journey.
Although this implementation is designed to be used with
Node.js, it could be used in other contexts with minor
modifications. This implementation does not have any external dependencies
that would preclude it from being used in the browser--just include it with a
<script>
tag and it should be good to go. Disclaimer: I have not tested
this implementation in any other context/environment; only tested with node.js
Install with npm :
npm install queue-fifo --save
Install with yarn :
yarn add queue-fifo
Basic usage example below. Note: it does not cover all the available methods, rather just highlights the main functionality to get up and running with this data structure. For a description of all the methods, see the API section.
var Queue = require('queue-fifo');
var queue = new Queue();
queue.isEmpty();
// --> true
queue.enqueue('data item 1');
queue.enqueue('data item 2');
queue.enqueue('data item 3');
queue.enqueue('data item 4');
// queue contains:
// 'data item 1', <-- front
// ... ,
// 'data item 4'
queue.isEmpty();
// --> false
queue.size();
// --> 4
queue.dequeue();
// --> removes 'data item 1'
queue.peek()
// --> 'data item 2'
queue.size();
// --> 3
queue.clear();
queue.isEmpty();
// --> true
TypeScript definitions are also provided:
import Queue = require('queue-fifo');
let stringQueue = new Queue<string>();
let numberQueue = new Queue<number>();
Available methods for a queue instance:
Determines if the queue is empty or not. Returns true if is empty, false otherwise.
Returns the size of the queue, or number of items
Clears the queue of all data
Adds an new item containing 'data' to the back of the queue
Removes the item from the front of the queue
Returns the data of the item at the front of the queue, but does not remove it
MIT © Jason Jones
FAQs
Javascript implementation of a queue data structure
The npm package queue-fifo receives a total of 4,913 weekly downloads. As such, queue-fifo popularity was classified as popular.
We found that queue-fifo demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.