
Research
Malicious fezbox npm Package Steals Browser Passwords from Cookies via Innovative QR Code Steganographic Technique
A malicious package uses a QR code as steganography in an innovative technique.
rails_language_select
Advanced tools
Helper for displaying a localised <select>
of languages using the ISO 369 standard or your own custom data source.
If you're using SimpleForm, see also: https://github.com/kasparsj/simple_form_language_input
Based on the code of: https://github.com/stefanpenner/country_select
By default uses language data from: https://github.com/grosser/i18n_data
Install as a gem using
gem install rails_language_select
Or put the following in your Gemfile
gem 'rails_language_select'
Simple use supplying model and attribute as parameters:
language_select("user", "language")
Supplying priority languages to be placed at the top of the list:
language_select("user", "language", priority_languages: ["EN", "FR", "DE"])
Supplying only certain languages:
language_select("user", "language", only: ["EN", "FR", "DR"])
Discarding certain languages:
language_select("user", "language", except: ["EN", "FR", "DE"])
Pre-selecting a particular language:
language_select("user", "language", selected: "EN")
Using existing select
options:
language_select("user", "language", include_blank: true)
language_select("user", "language", { include_blank: 'Select a language' }, { class: 'language-select-box' })
Supplying additional html options:
language_select("user", "language", { priority_languages: ["EN", "FR"], selected: "EN" }, { class: 'form-control', data: { attribute: "value" } })
You can override the default data source, or define a new custom data source which will receive code_or_name
# config/initializers/rails_language_select.rb
# example overriding default data source
RailsLanguageSelect::DATA_SOURCE[:default] = lambda do |code_or_name = nil|
languages = I18nData.languages(I18n.locale.to_s).slice("EN", "FR", "ES")
if code_or_name.nil?
languages.keys
else
if (language = languages[code_or_name.to_s.upcase])
code = code_or_name
elsif (code = I18nData.language_code(code_or_name))
language = languages[code]
end
return language, code
end
end
# example defining a new custom data source
RailsLanguageSelect::DATA_SOURCE[:custom_data] = lambda do |code_or_name = nil|
custom_data = {yay: "YAY!", wii: 'Yippii!'}
if code_or_name.nil?
custom_data.keys
else
if (language = custom_data[code_or_name])
code = code_or_name
elsif (code = custom_data.key(code_or_name))
language = code_or_name
end
return language, code
end
end
language_select("user", "language", data_source: :custom_data)
You can override the default formatter, or define a new custom formatter which will receive language
(localised language name) and code
# config/initializers/rails_language_select.rb
# example overriding default formatter
RailsLanguageSelect::FORMATS[:default] = lambda do |language, code|
[language, code.downcase] # use lower case code instead of upper case
end
# example defining a new custom formatter
RailsLanguageSelect::FORMATS[:with_code] = lambda do |language, code|
"#{language} (#{code})"
end
language_select("user", "language", format: :with_code)
class User < ActiveRecord::Base
# Assuming language_select is used with User attribute `language_code`
# This will attempt to translate the language name and use the default
# (usually English) name if no translation is available
def language_name
RailsLanguageSelect::DATA_SOURCE[:default].call(language_code)
end
end
FAQs
Unknown package
We found that rails_language_select demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
A malicious package uses a QR code as steganography in an innovative technique.
Research
/Security News
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.
Application Security
/Research
/Security News
Socket detected multiple compromised CrowdStrike npm packages, continuing the "Shai-Hulud" supply chain attack that has now impacted nearly 500 packages.