Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
npm install speak-tts
Speech synthesis (tts) for the browser. Wrapping the browser Speech Synthesis API (https://developer.mozilla.org/en-US/docs/Web/API/SpeechSynthesis) and providing a similar interface, it improves it by :
Work in Chrome, opera and Safari (including ios8 and ios9 devices). Tested successfully on Ipad and Android. See browser support here : http://caniuse.com/#feat=speech-synthesis
Here is a demo: Here
Import the library :
import Speech from 'speak-tts' // es6
// var Speech = require('speak-tts') //if you use es5
Check for browser support :
const speech = new Speech() // will throw an exception if not browser supported
if(speech.hasBrowserSupport()) { // returns a boolean
console.log("speech synthesis supported")
}
Init the speech component :
const speech = new Speech()
speech.init().then((data) => {
// The "data" object contains the list of available voices and the voice synthesis params
console.log("Speech is ready, voices are available", data)
}).catch(e => {
console.error("An error occured while initializing : ", e)
})
You can pass the following properties to the init function:
// Example with full conf
Speech.init({
'volume': 1,
'lang': 'en-GB',
'rate': 1,
'pitch': 1,
'voice':'Google UK English Male',
'splitSentences': true,
'listeners': {
'onvoiceschanged': (voices) => {
console.log("Event voiceschanged", voices)
}
}
})
Read a text :
speech.speak({
text: 'Hello, how are you today ?',
}).then(() => {
console.log("Success !")
}).catch(e => {
console.error("An error occurred :", e)
})
You can pass the following properties to the speak function:
Read a text (example with all params):
speech.speak({
text: 'Hello, how are you today ?',
queue: false // current speech will be interrupted,
listeners: {
onstart: () => {
console.log("Start utterance")
},
onend: () => {
console.log("End utterance")
},
onresume: () => {
console.log("Resume utterance")
},
onboundary: (event) => {
console.log(event.name + ' boundary reached after ' + event.elapsedTime + ' milliseconds.')
}
}
}).then(() => {
console.log("Success !")
}).catch(e => {
console.error("An error occurred :", e)
})
Set language (note that the language must be supported by the client browser) :
Speech.setLanguage('en-US')
Set the voice (note that the voice must be supported by the client browser) :
Speech.setVoice('Fiona') // you can pass a SpeechSynthesisVoice as returned by the init() function or just its name
Set the rate :
Speech.setRate(1)
Set the volume :
Speech.setVolume(1)
Set the pitch :
Speech.setPitch(1)
Pause talking in progress:
Speech.pause()
Resume talking in progress:
Speech.resume()
Cancel talking in progress:
Speech.cancel()
Get boolean indicating if the utterance queue contains as-yet-unspoken utterances:
Speech.pending()
Get boolean indicating if talking is paused:
Speech.paused()
Get boolean indicating if talking is in progress:
Speech.speaking()
ar-SA
cs-CZ
da-DK
de-DE
el-GR
en
en-AU
en-GB
en-IE
en-IN
en-US
en-ZA
es-AR
es-ES
es-MX
es-US
fi-FI
fr-CA
fr-FR
he-IL
hi-IN
hu-HU
id-ID
it-IT
ja-JP
ko-KR
nb-NO
nl-BE
nl-NL
pl-PL
pt-BR
pt-PT
ro-RO
ru-RU
sk-SK
sv-SE
th-TH
tr-TR
zh-CN
zh-HK
zh-TW
These will be added soon. Please do not hesitate to add some !
I am a full-stack Javascript developer based in Lyon, France.
speak-tts is dual licensed under the MIT license and GPL. For more information click here.
FAQs
Browser TTS (using Web speech API) made easy
The npm package speak-tts receives a total of 2,391 weekly downloads. As such, speak-tts popularity was classified as popular.
We found that speak-tts demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.