
Research
Two Malicious Rust Crates Impersonate Popular Logger to Steal Wallet Keys
Socket uncovers malicious Rust crates impersonating fast_log to steal Solana and Ethereum wallet keys from source code.
pyunormalize
Advanced tools
Unicode normalization forms (NFC, NFKC, NFD, NFKD). A library independent of the Python core Unicode database.
A pure Python implementation of the Unicode normalization algorithm independent of Python’s core Unicode database. This package conforms to version 16.0 of the Unicode standard, released in September 2024, and has been rigorously tested for accuracy using the official Unicode test file.
To install the package, run:
pip install pyunormalize
To upgrade to the latest version, run:
pip install pyunormalize --upgrade
To retrieve the version of the Unicode character database in use:
>>> from pyunormalize import UCD_VERSION
>>> UCD_VERSION
'16.0.0'
>>> from pyunormalize import NFC, NFD, NFKC, NFKD
>>> s = "élève" # "\u00E9\u006C\u00E8\u0076\u0065"
>>> nfc = NFC(s)
>>> nfd = NFD(s)
>>> nfc == s
True
>>> nfd == nfc
False
>>> " ".join([f"{ord(x):04X}" for x in nfc])
'00E9 006C 00E8 0076 0065'
>>> " ".join([f"{ord(x):04X}" for x in nfd])
'0065 0301 006C 0065 0300 0076 0065'
>>>
>>> s = "⑴ ffi ²"
>>> NFC(s), NFKC(s), NFD(s), NFKD(s)
('⑴ ffi ²', '(1) ffi 2', '⑴ ffi ²', '(1) ffi 2')
>>> from pyunormalize import normalize
>>> normalize("NFKD", "⑴ ffi ²")
'(1) ffi 2'
>>> forms = ["NFC", "NFD", "NFKC", "NFKD"]
>>> [normalize(f, "\u017F\u0307\u0323") for f in forms]
['ẛ̣', 'ẛ̣', 'ṩ', 'ṩ']
This implementation is based on the following resources:
The code is licensed under the MIT license.
Usage of Unicode data files is subject to the UNICODE TERMS OF USE. Additional rights and restrictions regarding Unicode data files and software are outlined in the Unicode Data Files and Software License, a copy of which is included as UNICODE-LICENSE.
FAQs
Unicode normalization forms (NFC, NFKC, NFD, NFKD). A library independent of the Python core Unicode database.
We found that pyunormalize demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Socket uncovers malicious Rust crates impersonating fast_log to steal Solana and Ethereum wallet keys from source code.
Research
A malicious package uses a QR code as steganography in an innovative technique.
Research
/Security News
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.