Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
github.com/pcfreak30/go-llm-bundler
A go tool to create a LLM friendly bundle to be able to understand a golang codebase.
Created by an LLM 🙃, with some fixes along the way 😉.
You can install go-llm-bundler directly using Go's install command:
go install github.com/pcfreak30/go-llm-bundler@latest
This will download the source, compile it, and install the binary in your $GOPATH/bin
directory. Make sure this directory is in your system's PATH.
After installation, you can run the tool using:
go-llm-bundler [options]
-dir string
: The root directory of the Go project (default: current directory)-out string
: The output file (default: <project_name>_bundle.txt
)-meta
: Include metadata such as package structure (default: false)-minify int
: Minification level (1-3, default: 1)-exclude string
: Comma-separated list of directories to exclude (default: "vendor,testdata")Bundle the current directory with default options:
go-llm-bundler
Bundle a specific project with metadata and higher minification:
go-llm-bundler -dir /path/to/my-project -meta -minify 2
Exclude additional directories and specify an output file:
go-llm-bundler -dir /path/to/my-project -exclude "vendor,testdata,examples" -out my_custom_bundle.txt
The tool generates a file containing:
###FILE:<filename>###
This format is designed to be easily parsed by AI models while remaining human-readable.
Contributions are welcome! Please feel free to submit a Pull Request.
This project is licensed under the MIT License - see the LICENSE file for details.
FAQs
Unknown package
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.