![Malicious npm Package Typosquats react-login-page to Deploy Keylogger](https://cdn.sanity.io/images/cgdhsj6q/production/007b21d9cf9e03ae0bb3f577d1bd59b9d715645a-1024x1024.webp?w=400&fit=max&auto=format)
Research
Security News
Malicious npm Package Typosquats react-login-page to Deploy Keylogger
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
tinyduration
Advanced tools
Changelog
3.3.1
Readme
A small (< 1kb minified + gzipped) javascript package to parse and serialize ISO-8601 durations. This package does only 2 things:
P1DT12H
to { days: 1, hours: 12 }
)This lib has 0 dependencies.
npm install --save tinyduration
yarn add tinyduration
import { parse, serialize } from 'tinyduration'
// Basic parsing
const durationObj = parse('P1Y2M3DT4H5M6S')
assert(durationObj, {
years: 1,
months: 2,
days: 3,
hours: 4,
minutes: 5,
seconds: 6,
})
// Serialization
assert(serialize(durationObj), 'P1Y2M3DT4H5M6S')
This library is written in TypeScript.
During publication of the package, the code is transpiled to javascript and put into the dist
folder.
The tests can be found the src
folder under *.test.ts
, testing is done using Jest
Additional commands you'll need for development:
yarn test
to run all testsyarn lint
to run the linteryarn prettify
to auto-fix the indenting issuesyarn ci
to run coverage and lintingProperty | Type | Description |
---|---|---|
negative | boolean or undefined | Duration is positive if undefined |
years | number or undefined | |
months | number or undefined | |
weeks | number or undefined | |
days | number or undefined | |
hours | number or undefined | |
minutes | number or undefined | |
seconds | number or undefined |
Property | Type | Description |
---|---|---|
allowMultipleFractions | boolean or undefined | Defaults to true . |
parse
accepts a string and returns a Duration
object.
No attempt is made to change lower units into higher ones, e.g. to change 120 minutes into 2 hours.
Throws InvalidDurationError
if an invalid duration string is supplied.
Throws MultipleFractionsError
if an the duration string contains multiple fractions while disabled in the config.
According to the spec multiple fractions are not allowed. Currently this is not enforced and the allowMultipleFractions
config parameter defaults to true
.
import { parse } from 'tinyduration'
const duration = parse('P1W')
assert(duration, { weeks: 1 })
try {
parse('invalid-duration')
} catch (e) {
assert(e.message === 'Invalid duration')
}
serialize
accepts a Duration object and returns a serialized duration according to ISO-8601.
If the duration is empty (i.e. all values are 0), PT0S
is returned.
import * as Duration from 'tinyduration'
const durationStr = Duration.serialize({ weeks: 1 })
assert(durationStr, 'P1W')
const durationStr = Duration.serialize({})
assert(durationStr, 'PT0S')
MIT
FAQs
Unknown package
We found that tinyduration demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
Security News
The JavaScript community has launched the e18e initiative to improve ecosystem performance by cleaning up dependency trees, speeding up critical parts of the ecosystem, and documenting lighter alternatives to established tools.
Product
Socket now supports four distinct alert actions instead of the previous two, and alert triaging allows users to override the actions taken for all individual alerts.