Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
protobuf-style varint bytes - use msb to create integer values of varying sizes
The varint npm package is used for encoding and decoding variable-length integers. It is particularly useful in scenarios where you need to efficiently store or transmit integers that can vary greatly in size, such as in network protocols or file formats.
Encoding Integers
This feature allows you to encode an integer into a variable-length format. The encoded result is an array of bytes.
const varint = require('varint');
const encoded = varint.encode(300); // [172, 2]
console.log(encoded);
Decoding Integers
This feature allows you to decode a variable-length encoded integer back into its original integer form.
const varint = require('varint');
const decoded = varint.decode([172, 2]); // 300
console.log(decoded);
Encoding Integers to Buffer
This feature allows you to encode an integer directly into a Buffer, which can be useful for more advanced use cases involving binary data.
const varint = require('varint');
const buffer = Buffer.alloc(10);
const bytesWritten = varint.encode(300, buffer, 0); // 2
console.log(buffer.slice(0, bytesWritten));
Decoding Integers from Buffer
This feature allows you to decode an integer from a Buffer, which is useful when working with binary data streams.
const varint = require('varint');
const buffer = Buffer.from([172, 2]);
const decoded = varint.decode(buffer); // 300
console.log(decoded);
protobufjs is a comprehensive library for working with Protocol Buffers, which includes functionality for encoding and decoding variable-length integers. It is more feature-rich compared to varint, offering schema definitions and more complex data structures.
msgpack-lite is a library for encoding and decoding data in the MessagePack format, which includes support for variable-length integers. It is similar to varint but also supports a wider range of data types and is optimized for performance.
leb128 is a library for encoding and decoding LEB128 (Little Endian Base 128) integers, which is another form of variable-length integer encoding. It is similar to varint but uses a different encoding scheme.
encode whole numbers to an array of protobuf-style varint bytes and also decode them.
var varint = require('varint')
var bytes = varint.encode(300) // === [0xAC, 0x02]
varint.decode(bytes) // 300
varint.decode.bytes // 2 (the last decode() call required 2 bytes)
Encodes num
into buffer
starting at offset
. returns buffer
, with the encoded varint written into it. If buffer
is not provided, it will default to a new array.
varint.encode.bytes
will now be set to the number of bytes
modified.
decodes data
, which can be either a buffer or array of integers, from position offset
or default 0 and returns the decoded original integer.
Throws a RangeError
when data
does not represent a valid encoding.
if you also require the length (number of bytes) that were required to decode the integer you can access it via varint.decode.bytes
. this is an integer property that will tell you the number of bytes that the last .decode() call had to use to decode.
similar to decode.bytes
when encoding a number it can be useful to know how many bytes where written (especially if you pass an output array). you can access this via varint.encode.bytes
which holds the number of bytes written in the last encode.
returns the number of bytes this number will be encoded as, up to a maximum of 8.
If varint is passed a buffer that does not contain a valid end
byte, then decode
will throw RangeError
, and decode.bytes
will be set to 0. If you are reading from a streaming source,
it's okay to pass an incomplete buffer into decode
, detect this
case, and then concatenate the next buffer.
MIT
FAQs
protobuf-style varint bytes - use msb to create integer values of varying sizes
The npm package varint receives a total of 1,566,902 weekly downloads. As such, varint popularity was classified as popular.
We found that varint demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.