is-mobile
deno-puppeteer
is-mobile | deno-puppeteer | |
---|---|---|
1 | 5 | |
220 | 439 | |
- | - | |
3.6 | 0.0 | |
2 months ago | 5 months ago | |
JavaScript | TypeScript | |
- | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
is-mobile
-
BREAKING!! NPM package ‘ua-parser-js’ with more than 7M weekly download is compromised
If your only goal is to be certain you're dealing with a mobile device, a specialized library like is-mobile is probably a better fit.
deno-puppeteer
-
Unity ships Node-IPC vulnerability
In an ideal world, yes, but in reality Deno's permission model is quite hard to use so many libraries require disabling a lot of it, sometimes everything like puppeteer. Other example is the library I maintain: it requires --allow-net since you can't whitelist a domain and all its subdomains, just a domain.
-
What's the best way to generate a PDF from html in deno?
import puppeteer from "https://deno.land/x/[email protected]/mod.ts"; const browser = await puppeteer.launch(); const page = await browser.newPage(); await page.goto("https://news.ycombinator.com", { waitUntil: "networkidle2", }); await page.pdf({ path: "hn.pdf", format: "A4" }); await browser.close();
-
Fake npm Roblox API Package Installs Ransomware and has a Spooky Surprise
I agree that semantics for that is complicated, but I think the adopting browser permission model is bad because browsers have per-site isolation but how Deno is going to do that for applications that require executing external binaries? Also, even if you would whitelist some binaries, there are Deno packages, such as deno-puppeteer, which don't list what permissions it requires, instead it instructs users to enable all permissions using -A. By the way, why just -A? Why not --unsafely-enable-all-permissions (like Chromium's --unsafely-treat-insecure-origin-as-secure)?
-
BREAKING!! NPM package ‘ua-parser-js’ with more than 7M weekly download is compromised
Maybe people forget about this permission system because either are not experienced with Deno or because they just slap -A on eveything. Some packages such as deno-puppeteer even put it in all examples without even adding a note about its risks.
What are some alternatives?
GHSA-pjwm-rvh2-c87w
puppeteer-cluster - Puppeteer Pool, run a cluster of instances in parallel
deno - A modern runtime for JavaScript and TypeScript.
puppeteer - Node.js API for Chrome
handlebars-helpers - 188 handlebars helpers in ~20 categories. Can be used with Assemble, Ghost, YUI, express.js etc.
jsPDF - Client-side JavaScript PDF generation for everyone.
open-source-at-scale - talk at budapest 2014
react-pdf - 📄 Create PDF files using React
ua-parser-js - UAParser.js - Free & open-source JavaScript library to detect user's Browser, Engine, OS, CPU, and Device type/model. Runs either in browser (client-side) or node.js (server-side).
npm-force-resolutions - Force npm to install a specific transitive dependency version
enquirer - Stylish, intuitive and user-friendly prompts, for Node.js. Used by eslint, webpack, yarn, pm2, pnpm, RedwoodJS, FactorJS, salesforce, Cypress, Google Lighthouse, Generate, tencent cloudbase, lint-staged, gluegun, hygen, hardhat, AWS Amplify, GitHub Actions Toolkit, @airbnb/nimbus, and many others! Please follow Enquirer's author: https://github.com/jonschlinkert