Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
The term-size npm package is a simple utility that allows you to get the size (width and height) of the terminal window in which your Node.js application is running. It's particularly useful for CLI applications that need to adjust their output based on the available terminal space.
Get Terminal Size
This feature allows you to retrieve the current size of the terminal (width as columns and height as rows). The code sample demonstrates how to use term-size to get the terminal dimensions and then print them to the console.
const termSize = require('term-size');
const {columns, rows} = termSize();
console.log(`Columns: ${columns}, Rows: ${rows}`);
Similar to term-size, window-size is a package that can be used to get the size of the terminal window. However, window-size offers additional methods for getting size information based on different criteria (e.g., environment variables, tty dimensions), which might make it more versatile in certain scenarios.
cli-width is another package that provides functionality to get the width of the terminal. Unlike term-size, which provides both width and height, cli-width focuses solely on the width aspect. This makes it a simpler choice if width is the only dimension you care about.
Reliably get the terminal window size
Because process.stdout.columns
doesn't exist when run non-interactively, for example, in a child process or when piped. This module even works when all the TTY file descriptors are redirected!
Confirmed working on macOS, Linux, and Windows.
$ npm install term-size
import terminalSize from 'term-size';
terminalSize();
//=> {columns: 143, rows: 24}
Returns an object
with columns
and rows
properties.
The bundled macOS binary is signed and hardened.
FAQs
Reliably get the terminal window size (columns & rows)
The npm package term-size receives a total of 3,512,523 weekly downloads. As such, term-size popularity was classified as popular.
We found that term-size demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.