Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
timezone-soft
Advanced tools
npm install timezone-soft
import soft from 'timezone-soft'
// get an IANA tz from user input
let timezones = soft('milwaukee')[0]
/*[{
iana: 'America/Chicago',
standard: { name: 'Central Standard Time', abbrev: 'CST' },
daylight: { name: 'Central Daylight Time', abbrev: 'CDT' }
}
]*/
IANA timezone codes are the official reference for timezone information, and is what you should use, whenever possible.
Humans though, are goofballs, and use a whole different informal scheme:
These names also collide -
'IST' is used to mean:
These names also produce all-sorts of ambiguities, regarding DST-changes-
Both Winnipeg and Mexico City are CST, but have a much different DST schedule:
(thanks timeanddate.com!)
-of course, there's a bunch of political/historical/disputed stuff going on, too. Apologies if this library steps into that unknowingly.
...so that's what we're trying to fix - to 'soften' this exchange, between human and IANA timezone nomenclature, using some opinionated-but-common-sense rules and decision-making.
It was originally built for use in the spacetime timezone library.
const soft = require('timezone-soft')
soft('EST')
// 'America/New_York'
soft('central')
// 'America/Chicago'
soft('venezuela')
// 'America/Caracas'
soft('south east asia')
// 'Asia/Bangkok'
Typescript/Deno/Webpack:
import soft from 'timezone-soft'
it was built to be as forgiving as possible, and return the most common-sense IANA timezone id from user-input.
Often, the proper timezone name will depend on which date you are referencing. You can reckon this pretty-easily with spacetime, like this:
const spacetime = require('spacetime')
const soft = require('timezone-soft')
let display = soft('montreal')[0]
let show = display.standard.abbrev
// are we in standard time, or daylight time?
let s = spacetime.now(display.iana)
if (display.daylight && s.isDST()) {
show = display.daylight.abbrev
}
console.log(s.time() + ' ' + show)
// '4:20pm EDT'
work-in-progress!
MIT
FAQs
interpret abbreviated and informal timezone names
We found that timezone-soft demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.