Installations
npm install @aleclarson/isbinaryfileScore
68.2
Supply Chain
90.7
Quality
74.2
Maintenance
100
Vulnerability
100
License
Developer
gjtorikian
Developer Guide
Module System
CommonJS
Min. Node Version
>=0.6.0
Typescript Support
No
Node Version
10.7.0
NPM Version
6.1.0
Statistics
165 Stars
202 Commits
23 Forks
6 Watching
3 Branches
16 Contributors
Updated on 23 Oct 2024
Languages
TypeScript (100%)
Total Downloads
Cumulative downloads
Total Downloads
682
Last day
0%
1
Compared to previous day
Last week
0%
1
Compared to previous week
Last month
-20%
4
Compared to previous month
Last year
-51.5%
63
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
1
Dev Dependencies
5
isBinaryFile
Detects if a file is binary in Node.js using ✨promises✨. Similar to Perl's -B switch, in that:
- it reads the first few thousand bytes of a file
- checks for a
nullbyte; if it's found, it's binary - flags non-ASCII characters. After a certain number of "weird" characters, the file is flagged as binary
Much of the logic is pretty much ported from ag.
Note: if the file doesn't exist or is a directory, an error is thrown.
Installation
npm install isbinaryfile
Usage
Returns Promise<boolean> (or just boolean for *Sync). true if the file is binary, false otherwise.
isBinaryFile(filepath)
filepath- astringindicating the path to the file.
isBinaryFile(bytes[, size])
bytes- aBufferof the file's contents.size- an optionalnumberindicating the file size.
isBinaryFileSync(filepath)
filepath- astringindicating the path to the file.
isBinaryFileSync(bytes[, size])
bytes- aBufferof the file's contents.size- an optionalnumberindicating the file size.
Examples
Here's an arbitrary usage:
1const isBinaryFile = require("isbinaryfile").isBinaryFile; 2const fs = require("fs"); 3 4const filename = "fixtures/pdf.pdf"; 5const data = fs.readFileSync(filename); 6const stat = fs.lstatSync(filename); 7 8isBinaryFile(data, stat.size).then((result) => { 9 if (result) { 10 console.log("It is binary!") 11 } 12 else { 13 console.log("No it is not.") 14 } 15}); 16 17const isBinaryFileSync = require("isbinaryfile").isBinaryFileSync; 18const bytes = fs.readFileSync(filename); 19const size = fs.lstatSync(filename).size; 20console.log(isBinaryFileSync(bytes, size)); // true or false
Testing
Run npm install, then run npm test.
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE.txt:0
- Info: FSF or OSI recognized license: MIT License: LICENSE.txt:0
Reason
binaries present in source code
Details
- Warn: binary detected: test/fixtures/grep:1
Reason
2 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
Reason
6 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 5
Reason
Found 2/10 approved changesets -- score normalized to 2
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: topLevel 'contents' permission set to 'write': .github/workflows/automerge.yml:8
- Warn: no topLevel permission defined: .github/workflows/ci.yml:1
- Info: no jobLevel write permissions found
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/automerge.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/gjtorikian/isBinaryFile/automerge.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/gjtorikian/isBinaryFile/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/gjtorikian/isBinaryFile/ci.yml/main?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/ci.yml:23
- Info: 0 out of 2 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 1 third-party GitHubAction dependencies pinned
- Info: 0 out of 1 npmCommand dependencies pinned
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 22 are checked with a SAST tool
Score
4.2
/10
Last Scanned on 2024-11-25
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More