Security News
Node.js Moves Toward Stable TypeScript Support with Amaro 1.0
Amaro 1.0 lays the groundwork for stable TypeScript support in Node.js, bringing official .ts loading closer to reality.
By Sarah Gooding - Jun 10, 2025
🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more →
csv2api
97
Supply Chain Security
100
Vulnerability
100
Quality
100
Maintenance
100
License
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
Dependencies have 2 high and critical alerts.
Critical CVE
CSV2API
Auto-create json and xml APIs from csv files. Instant endpoints without any hassle.
Why should I use this?
- Your boss/client hates you so they insist on sending you .csv files for their data.
- You need to do a quick prototype and don't want to waste time importing / converting
- You're bored and want to write an app with pre-historical data that you found on a floppy!
- Your life depends on it (Disclaimer: Use at your own risk, jk you should be fine!)
Installation
Install it running:
$ gem install csv2api
Usage
Basic Example Code
To read from the current directory, run the following command
$ csv2api
Starting CSV2API...
2 csv files detected. Creating API endpoints...
tasks.csv - http://localhost:3000/tasks
weather.csv - http://localhost:3000/weather
Note: Endpoints can be accessed with the filename (spreadsheet view) or their .json, .xml extensions.
Spreadsheet View
Load a specific folder
$csv2api -d office_stuff/sad_csvs/
Command-Line Application
Options:
- -d, --directory - load csv files from directory
- -v, --version - display the version
- -h, --help - print help
TODO
Soon
- Load single files
- REST Support
- WebUI
Author
Discussion
If you have any questions, ideas or a good joke:
Contributing
Is it worth it? let me fork it
I put my thing down, flip it and debug it
Ti gubed dna ti pilf nwod gniht ym tup I
Ti gubed dna ti pilf nwod gniht ym tup I
FAQs
Unknown package
We found that csv2api demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 06 Aug 2017
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
PyPI Package Disguised as Instagram Growth Tool Harvests User Credentials
A deceptive PyPI package posing as an Instagram growth tool collects user credentials and sends them to third-party bot services.
By Kush Pandya - Jun 06, 2025
Product
Socket Now Supports pylock.toml Files
Socket now supports pylock.toml, enabling secure, reproducible Python builds with advanced scanning and full alignment with PEP 751's new standard.
By Trevor Norris - Jun 05, 2025