Gathering detailed insights and metrics for stream-mmmagic
Installations
npm install stream-mmmagicDeveloper Guide
BETA
Typescript
Yes
Module System
CommonJS
Node Version
14.15.3
NPM Version
6.14.9
Score
96.6
Supply Chain
97.6
Quality
77.9
Maintenance
100
Vulnerability
98.9
License
Contributors
5
Unable to fetch Contributors
Languages
1
JavaScript
JavaScript (100%)
Developer
seangarner
Download Statistics
Total Downloads
2,457,301
Last Day
3,801
Last Week
19,449
Last Month
103,117
Last Year
1,926,044
GitHub Statistics
29 Stars
50 Commits
10 Forks
1 Watching
13 Branches
5 Contributors
Bundle Size
2.29 kB
Minified
1.06 kB
Minified + Gzipped
Maintainers
2
Package Meta Information
Latest Version
2.3.0
Package Id
stream-mmmagic@2.3.0
Unpacked Size
12.45 kB
Size
4.95 kB
File Count
9
NPM Version
6.14.9
Node Version
14.15.3
Total Downloads
Cumulative downloads
Total Downloads
2,457,301
Last day
-6.9%
3,801
Compared to previous day
Last week
-34.1%
19,449
Compared to previous week
Last month
-18.2%
103,117
Compared to previous month
Last year
610.9%
1,926,044
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
2
Dev Dependencies
3
Versions
node-stream-mmmagic
Node module to sniff the start of a stream (non-destructively) to detect the file type and encoding when you don't have the luxury of being able to restart the stream again.
It does so by using buffer-peek-stream to get the first 16KB of the stream then send that to mmmagic (which uses libmagic). Before it's finished the peek stream will unshift the bytes it's received back onto the origin stream thereby making it appear as if the origin stream was new.
1npm install stream-mmmagic
Use
1const magic = require('stream-mmmagic'); 2const input = fs.createReadStream('somefile.csv'); 3 4const [mime, output] = await magic.promise(input); 5console.log('TYPE:', mime.type); 6console.log('ENCODING:', mime.encoding); 7output.pipe(process.stdout); 8 9//- TYPE: text/plain 10//- ENCODING: us-ascii 11//- <the file content>
Use (Callbacks)
1var magic = require('stream-mmmagic'); 2 3var input = fs.createReadStream('somefile.csv'); 4 5magic(input, function (err, mime, output) { 6 if (err) throw err; 7 8 console.log('TYPE:', mime.type); 9 console.log('ENCODING:', mime.encoding); 10 11 // will print the *whole* file 12 output.pipe(process.stdout); 13}); 14 15//- TYPE: text/plain 16//- ENCODING: us-ascii 17//- <the file content>
options.magicFile Custom Magic File
A magic file is bundled with the mmmagic npm module but if you want to use your own then set the path to the file on
the magicFile option.
1const magicFile = '/usr/share/magic'; 2magic(input, {magicFile}, callback);
options.splitMime Original Mime String
Use {splitMime: false} option to get back the original mime string instead of a split object.
1const [mime] = magic.promise(input, {splitMime: false}); 2console.log(mime); 3//- text/plain; charset=us-ascii
options.peekBytes Control Bytes Used for Analysis
As the input stream starts to get data the first 16KB is buffered and sent to libmagic for analysis to get file type and
encoding. 1KB is more than enough for detecting file type with a standard magicFile but the reliabilty of getting the
correct encoding is increased the more bytes are buffered. The tradeoff is performance and memory use.
Set peekBytes to the number of bytes you want buffered and sent to libmagic. For best results do not set below 256
bytes.
1// somefile.txt is a utf8 file where the first doublebyte char is after the first 1KB of the file 2const input = fs.createReadStream('somefile.txt'); 3 4const [{encoding}, output] = magic.promise(input, {peekBytes: 1024}); 5console.log(encoding); 6// not detected as utf8 because the first doublebyte char wasn't until later in the stream 7//- us-ascii 8 9const [{encoding}, output] = magic.promise(input, {peekBytes: 16384}); 10console.log(encoding); 11// now we're peeking 16KB into the file libmagic gets that first doublebyte char and knows it's utf8 12//- charset=utf8
LICENSE
MIT
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
no dangerous workflow patterns detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
6 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-4q6p-r6v2-jvc5
- Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
- Warn: Project is vulnerable to: GHSA-qrpm-p2h7-hrv2
- Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55
Reason
dependency not pinned by hash detected -- score normalized to 3
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/node.js.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/seangarner/node-stream-mmmagic/node.js.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/node.js.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/seangarner/node-stream-mmmagic/node.js.yml/master?enable=pin
- Info: 0 out of 2 GitHub-owned GitHubAction dependencies pinned
- Info: 1 out of 1 npmCommand dependencies pinned
Reason
Found 3/26 approved changesets -- score normalized to 1
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/node.js.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 8 are checked with a SAST tool
Score
3.5
/10
Last Scanned on 2025-01-13
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More