Security News
Supply Chain Attack Detected in Solana's web3.js Library
A supply chain attack has been detected in versions 1.95.6 and 1.95.7 of the popular @solana/web3.js library.
A few stream helpers, abiding by the new-style Node.js stream standards ("Streams2").
npm install streaming
streaming.Glob
new Glob(pattern, options)
inherits stream.Readable
streaming.json.Stringifier
new Stringifier(replacer, space)
inherits streaming.Splitter
streaming.json.Parser
new Parser()
inherits streaming.Splitter
streaming.Mapper
new Mapper(fn)
inherits stream.Transform
streaming.Queue
new Queue(concurrency, worker)
inherits streaming.Mapper
Example:
var streaming = require('streaming');
var lazy_worker = function(task, callback) {
setTimeout(function() {
var json = JSON.stringify(task);
callback(null, json.length + ' after 1s\n');
}, 1000);
};
process.stdin
.pipe(new streaming.Splitter())
.pipe(new streaming.Mapper(JSON.parse))
.pipe(new streaming.Queue(5, lazy_worker))
.pipe(process.stdout);
streaming.Splitter
What used to be streaming.Line
and Rechunker
have been folder into this more generic, more flexible class.
new Splitter(split, opts)
inherits stream.Transform
streaming.Timeout
new Timeout(seconds, opts)
inherits stream.Transform
streaming.Walk
new Walk(root)
inherits stream.Readable
A streaming.Walk
will emit data that are streaming.Walk.Node
objects. A Node
has two fields, .path
, which is relative to the given root
, and .stats
, which is a fs.Stats
object. node.toString()
will return node.path
.
It recurses the filesystem structure depth-first. If the given root
is not a directory, it will only ever emit that file. Otherwise, if root
is a directory, it will be emitted as a data point (just like all other directories under root
as it comes to them). The directory entry itself will always immediately precede its children. The order of children is taken exactly as they produced by fs.readdir
, which seems to be undefined or maybe by creation date (newest first).
fs.Stats
has helper functions .isFile()
and .isDirectory()
, so we can print the paths only files (ignoring directories) like this:
var streaming = require('streaming');
var streaming = require('./');
var walk = new streaming.Walk('/usr/local');
walk.on('error', function(err) {
console.error('error', err);
if (err.code == 'EACCES') {
// if the error is just "access denied", ignore both the error and the file.
// call resume() to carry on as if nothing had happened
walk.resume();
}
else {
console.error('Critical error; not resuming.');
}
});
walk.on('data', function(node) {
// just skip over directories:
if (node.stats.isFile()) {
console.log(node.toString());
}
});
stream.Transform(opts)
results:opts. decodeStrings | opts. objectMode | _writableState. decodeStrings | _writableState. objectMode | _readableState. objectMode |
---|---|---|---|---|
true | true | true | true | true |
false | true | false | true | true |
undefined | true | true | true | true |
true | false | true | false | false |
false | false | false | false | false |
undefined | false | true | false | false |
true | undefined | true | false | false |
false | undefined | false | false | false |
undefined | undefined | true | false | false |
(Only _writableState
has a decodeStrings
field.)
Copyright © 2013 Christopher Brown. MIT Licensed.
FAQs
Transforms and other streaming helpers
The npm package streaming receives a total of 253 weekly downloads. As such, streaming popularity was classified as not popular.
We found that streaming demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
A supply chain attack has been detected in versions 1.95.6 and 1.95.7 of the popular @solana/web3.js library.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.