Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
thrustcurve-db
Advanced tools
ThrustCurve.org model rocket motor and thrust curve data as a single JSON file
ThrustCurve.org model rocket motor data as a static data structure (plus misc. utility functions).
This module is a rebundling of the rocket motor data available on John Coker's thrustcurve.org website ("TC"). The dataset includes data for all motors in the ThrustCurve API ("search" endpoint), and is a field-by-field translation of what is found in the "search" endpoint, with the following changes:
discontinued
field (see https://github.com/JohnCoker/thrustcurve3/issues/35)samples
array. These are normalized to always have [0, 0]
as the first data point. In cases where a motor has more than one thrust sample file the first "cert"(ified) file found is used, otherwise the samples are from whichever file the API returned first. (This typically isn't an issue since most thrust curves are very similar, but there are some cases where they differ significantly).License & Support
You know the drill ...
npm i thrustcurve-db
import MOTORS, {parseDelays, unparseDelays} from 'thrustcurve-db';
// `MOTORS` is a Motor[] array.
for (const motor of MOTORS) {
// See `thrustcurve-db.d.ts` for Motor structure details.
console.log(motor); // Spew data for ~1,100 motors to console
}
// parseDelays() parses a motor `delays` value to determine the
// delay options. The returned Object has the following properties:
//
// times: Number[] array of possible delay times (seconds)
// plugged: true if motor has a "Plugged" configuration
//
// Aerotech delays (S, M, L, X) are transformed as follows:
// S -> 0-6
// M -> 0-10
// L -> 0-14
// X -> 0-18
//
// Note: `times` are guaranteed to be unique and in ascending order.
// E.g. `parseDelays('L, S')` and `parseDelays('1, 5, M, L')` will
// produce the same result.
parseDelays('S, 16, P'); // -> {
// times: [0,1,2,3,4,5,6,16],
// plugged: true
// }
// unparseDelays(parsed) is the inverse operation of parseDelays() (sort of).
unparseDelays({
times: [0,1,2,3,4,5,6,16],
plugged: true
}); // -> "0-6,16,P"
FAQs
ThrustCurve.org model rocket motor and thrust curve data as a single JSON file
The npm package thrustcurve-db receives a total of 23 weekly downloads. As such, thrustcurve-db popularity was classified as not popular.
We found that thrustcurve-db demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.