npm-force-resolutions
deno-puppeteer
| npm-force-resolutions | deno-puppeteer | |
|---|---|---|
| 1 | 5 | |
| 559 | 439 | |
| - | - | |
| 0.0 | 0.0 | |
| over 1 year ago | 5 months ago | |
| Clojure | TypeScript | |
| - | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
npm-force-resolutions
-
BREAKING!! NPM package ‘ua-parser-js’ with more than 7M weekly download is compromised
@GradeyCullins I believe the typical NPM-equivalent to resolve this sort of problem is to use this package: https://github.com/rogeriochaves/npm-force-resolutions
deno-puppeteer
-
Unity ships Node-IPC vulnerability
In an ideal world, yes, but in reality Deno's permission model is quite hard to use so many libraries require disabling a lot of it, sometimes everything like puppeteer. Other example is the library I maintain: it requires --allow-net since you can't whitelist a domain and all its subdomains, just a domain.
-
What's the best way to generate a PDF from html in deno?
import puppeteer from "https://deno.land/x/[email protected]/mod.ts"; const browser = await puppeteer.launch(); const page = await browser.newPage(); await page.goto("https://news.ycombinator.com", { waitUntil: "networkidle2", }); await page.pdf({ path: "hn.pdf", format: "A4" }); await browser.close();
-
Fake npm Roblox API Package Installs Ransomware and has a Spooky Surprise
I agree that semantics for that is complicated, but I think the adopting browser permission model is bad because browsers have per-site isolation but how Deno is going to do that for applications that require executing external binaries? Also, even if you would whitelist some binaries, there are Deno packages, such as deno-puppeteer, which don't list what permissions it requires, instead it instructs users to enable all permissions using -A. By the way, why just -A? Why not --unsafely-enable-all-permissions (like Chromium's --unsafely-treat-insecure-origin-as-secure)?
-
BREAKING!! NPM package ‘ua-parser-js’ with more than 7M weekly download is compromised
Maybe people forget about this permission system because either are not experienced with Deno or because they just slap -A on eveything. Some packages such as deno-puppeteer even put it in all examples without even adding a note about its risks.
What are some alternatives?
enquirer - Stylish, intuitive and user-friendly prompts, for Node.js. Used by eslint, webpack, yarn, pm2, pnpm, RedwoodJS, FactorJS, salesforce, Cypress, Google Lighthouse, Generate, tencent cloudbase, lint-staged, gluegun, hygen, hardhat, AWS Amplify, GitHub Actions Toolkit, @airbnb/nimbus, and many others! Please follow Enquirer's author: https://github.com/jonschlinkert
puppeteer-cluster - Puppeteer Pool, run a cluster of instances in parallel
is-even - I created this in 2014, when I was learning how to program.
puppeteer - Node.js API for Chrome
GHSA-pjwm-rvh2-c87w
jsPDF - Client-side JavaScript PDF generation for everyone.
ua-parser-js - UAParser.js - Free & open-source JavaScript library to detect user's Browser, Engine, OS, CPU, and Device type/model. Runs either in browser (client-side) or node.js (server-side).
react-pdf - 📄 Create PDF files using React
is-number - JavaScript/Node.js utility. Returns `true` if the value is a number or string number. Useful for checking regex match results, user input, parsed strings, etc.
handlebars-helpers - 188 handlebars helpers in ~20 categories. Can be used with Assemble, Ghost, YUI, express.js etc.
AutoMapper - A convention-based object-object mapper in .NET.