![Malicious npm Package Typosquats react-login-page to Deploy Keylogger](https://cdn.sanity.io/images/cgdhsj6q/production/007b21d9cf9e03ae0bb3f577d1bd59b9d715645a-1024x1024.webp?w=400&fit=max&auto=format)
Research
Security News
Malicious npm Package Typosquats react-login-page to Deploy Keylogger
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
shortstop-handlers
Advanced tools
Readme
A common set of handlers for use with shortstop.
NOTE: As of v1.0 shortstop-handlers
works best with shortstop
>=1.0. This is
due to the fact that as of shortstop v1.0 async handlers are now supported and
have subsequently been added to this module.
var shortstop = require('shortstop'),
handlers = require('shortstop-handlers');
var resolver, json;
resolver = shortstop.create();
resolver.use('path', handlers.path(__dirname));
resolver.use('file', handlers.file(__dirname));
resolver.use('base64', handlers.base64());
resolver.use('env', handlers.env());
resolver.use('require', handlers.require(__dirname));
resolver.use('exec', handlers.exec(__dirname));
resolver.resolve(require('./myfile'), function (err, data) {
// data
});
basedir
(String, optional) - The base path used for resolving relative path values. Defaults to caller
dirname.Creates a handler that can be given to shortstop to resolve file paths.
var foo = {
"mydir": "path:./lib/dir"
};
var resolver = shortstop.create();
resolver.use('path', handlers.path());
resolver.resolve(foo, function (err, data) {
data.mydir; // `/path/to/my/project/lib/dir`
});
basedir
(String, optional) - The base path used for resolving relative path values. Defaults to caller
dirname.options
(Object, optional) - Options object provided to fs.readFile.Creates a handler which resolves the provided value to the basedir and returns the contents of the file as a Buffer.
var foo = {
"cert": "file:./cert.pem"
};
var resolver = shortstop.create();
resolver.use('file', handlers.file());
resolver.resolve(foo, function (err, data) {
foo.cert; // <Buffer 48 65 6c 6c 6f 2c 20 77 6f72 6c 64 21>
});
Creates a handler which will return a buffer containing the content of the base64-encoded string.
var foo = {
"key": "base64:SGVsbG8sIHdvcmxkIQ=="
};
var resolver = shortstop.create();
resolver.use('base64', handlers.base64());
resolver.resolve(foo, function (err, data) {
data.key; // <Buffer 48 65 6c 6c 6f 2c 20 77 6f72 6c 64 21>
data.key.toString('utf8'); // Hello, world!
});
Creates a handler which will resolve the provided value as an environment variable, optionally casting the value using the provided filter. Supported filters are '|d', '|b', and '|!b' which will cast to Number and Boolean types respectively.
process.env.HOST = 'localhost';
process.env.PORT = '8000';
process.env.ENABLED = 'true';
process.env.FALSY = 'false'; // or '', or '0'
var foo = {
"bar": "env:HOST",
"baz": "env:PORT|d",
"bam": "env:ENABLED|b",
"bag": "env:FALSY|b"
"bat": "env:FALSY|!b"
};
var resolver = shortstop.create();
resolver.use('env', handlers.env());
resolver.resolve(foo, function (err, data) {
data.bar; // 'localhost'
data.baz; // 8000
data.bam; // true
data.bag; // false
data.bat; // true
});
basedir
(String, optional) - The base path used for resolving relative path values. Defaults to caller
dirname.Creates a handler which resolves and loads, and returns the specified module.
var foo = {
"path": "require:path",
"minimist": "require:minimist",
"mymodule": "require:./mymodule"
"json": "require:../config/myjson"
};
var resolver = shortstop.create();
resolver.use('require', handlers.require());
resolver.resolve(foo, function (err, data) {
data.path; // Node core `path` module
data.minimist; // `minimist` module as loaded from node_modules
data.mymodule; // module as loaded from `./mymodule.js`
data.json; // JS object as loaded from `../config/myjson.json`
});
basedir
(String, optional) - The base path used for resolving relative path values. Defaults to caller
dirname.Creates a handler which resolves and loads the specified module, executing the method (if specified) or the module itself, using the return value as the resulting value. The value should have the format {module}(#{method})?
. If no function is able to be found this handler will throw with an error.
var foo = {
"item1": "exec:./mymodule#create"
"item2": "exec:./myothermodule"
};
var resolver = shortstop.create();
resolver.use('exec', handlers.exec(__dirname));
resolver.resolve(foo, function (err, data) {
data.item1; // the result of calling mymodule.create()
data.item2; // the result of calling myothermodule()
});
basedir
(String or Object, optional) - The base path use for resolving or a glob
options object per https://github.com/isaacs/node-glob#optionsCreates a handler which match files using the patterns the shell uses.
var foo = {
"files": "glob:**/*.js"
};
var resolver = shortstop.create();
resolver.use('glob', handlers.glob(__dirname));
resolver.resolve(foo, function (err, data) {
data.files[0]; // '/my/dirname/foo/index.js';
data.files[1]; // '/my/dirname/index.js';
});
FAQs
Unknown package
We found that shortstop-handlers demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
Security News
The JavaScript community has launched the e18e initiative to improve ecosystem performance by cleaning up dependency trees, speeding up critical parts of the ecosystem, and documenting lighter alternatives to established tools.
Product
Socket now supports four distinct alert actions instead of the previous two, and alert triaging allows users to override the actions taken for all individual alerts.