Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Readme
require a plain text or binary file in node.js
$ npm install rfile
var rfile = require('rfile');
var text = rfile('./my-text-file.txt');
var mochaReadme = rfile('mocha/readme.md');
var mochaSource = rfile('mocha');
var image = rfile('image.png', {binary: true});
Uses rfile.resolve
(see below) to look up your file pkg
. This means it supports all the same options as rfile.resolve
. Having found the file, it does the following:
return options.binary ? read(path) : fixup(read(path).toString());
options.binary
defaults to false
and fixup
removes the UTF-8 BOM if present and removes any \r
characters (added to newlines on windows only).
Internally, resolve is used to lookup your package, so it supports all the same options as that. In addition t defaults basedir
to the directory of the function which called rfile
or rfile.resolve
.
The additional option exclude
is useful if you wanted to create a wrapper arround this. It specifies the filenames not to consider for basedir
paths. For example, you could create a module called ruglify
for requiring and minifying JavaScript in one go.
ruglify.js
var rfile = require('rfile');
var uglify require('uglify-js').minify;
module.exports = ruglify;
function ruglify(path, options) {
return minify(rfile.resolve(path, {exclude: [__filename]}), options).code;
}
resolve
__dirname
of the calling module for rfile
)['.js', '.json']
for rfile
)One of the interesting features of this is that it respects the main
field of package.json files. Say you had a module called foo
, you could have a package.json like:
{
"name": "foo",
"version": "1.0.0",
"main": "./foo"
}
You might then have a foo.js
file, containing the JavaScript code of the module, and a foo.css
file containing the stylesheet for the module when used in the browser. Using rfile
you could load the css by simply calling:
rfile('foo', {extensions: ['.css']});
MIT
FAQs
Require a plain text or binary file in node.js
The npm package rfile receives a total of 13,696 weekly downloads. As such, rfile popularity was classified as popular.
We found that rfile demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.