
Research
Malicious fezbox npm Package Steals Browser Passwords from Cookies via Innovative QR Code Steganographic Technique
A malicious package uses a QR code as steganography in an innovative technique.
stream-json-clipboard
Advanced tools
This is a utility to stream a key from a json stream into your clipboard.
$ npm install stream-json-clipboard -g
$ stream-json-clipboard -k <key> [ flags ]
Right now this tool way built for a specific reason which was to automate the process of writting update emails. So in tandum with this module I built node-git-activity which makes streaming json data from commits very easy. Now I can do things like.
$ git-activity --me --json | stream-json-clipboard --humanize --prefix '- ' --key message
This will give me a nice, days worth, of comit messages explaining what I have done for that day. Now I just paste that information into my gmail.
-k, --key The key to copy to clipboard
-h, --humanize Flag to change output to human readable ( removes dashs, slashs, etc )
-p, --prefix Prefix each line with given input.
FAQs
Stream a key from a json stream into your clipboard
The npm package stream-json-clipboard receives a total of 0 weekly downloads. As such, stream-json-clipboard popularity was classified as not popular.
We found that stream-json-clipboard demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
A malicious package uses a QR code as steganography in an innovative technique.
Research
/Security News
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.
Application Security
/Research
/Security News
Socket detected multiple compromised CrowdStrike npm packages, continuing the "Shai-Hulud" supply chain attack that has now impacted nearly 500 packages.