Security News
The Dark Side of Open Source
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
spreadsheet-stream
Advanced tools
Readme
Semi-streaming XLS(X) / ODS / QPW (and more) parser.
"Semi" because these spreadsheet formats are not streamable so the whole thing is buffered in memory. Same asexcel-stream
but faster because there's no filesystem IO or child process.
npm i spreadsheet-stream format-data
const sheet = require('spreadsheet-stream')
const format = require('format-data')
const fs = require('fs')
fs.createReadStream('example.xlsx')
.pipe(sheet())
.pipe(format('json'))
.pipe(process.stdout)
NB. Although the underlying parser (xlsx
) also supports non-binary formats like CSV, for those formats you're better off with truly streaming solutions like tabular-stream
(to support both spreadsheets and CSV), csv-parser
or similar. Those are not limited by memory. For a command-line interface, see tabular-cli
.
sheet([options])
Returns a duplex stream of which the writable side takes a spreadsheet and the readable side yields row objects. Options:
maxSize
(number, default 0): destroy stream when more than maxSize
bytes have been written (i.e. reject big files)sheetIndex
(number, default 0): select a sheetsheet
(string, default none): select a sheet by its name. Takes precedence over sheetIndex
.With npm do:
npm install spreadsheet-stream
MIT © 2019-present Vincent Weevers.
FAQs
Semi-streaming XLS(X) / ODS / QPW (and more) parser
The npm package spreadsheet-stream receives a total of 6 weekly downloads. As such, spreadsheet-stream popularity was classified as not popular.
We found that spreadsheet-stream demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
Research
Security News
The Socket Research team found this npm package includes code for collecting sensitive developer information, including your operating system username, Git username, and Git email.
Security News
OpenJS is warning of social engineering takeovers targeting open source projects after receiving a credible attempt on the foundation.