Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
com.github.ricksbrown:xslmin
Advanced tools
An XSLT 1.0 minifier A tool to minify an XSL file so that it is as compact as possible. The primary goal of this tool is to compress XSL files used in client side XSLT in web browsers.
An XSLT minifier
A tool to minify an XSL file so that it is as compact as possible (requires Java 1.6).
The primary goal of this tool is to compress XSL files used in client side XSLT in web browsers.
VERSION 2.0 RELEASED! The new version is major rewrite - the primary focus: SPEED!!! Some new features too, see below...
xslmin performs the following minification tasks:
New features in version 2:
Deletes unused templates Deletes unused variables Deletes unused parameters And as always:
Strips comments Strips ignorable whitespace Renames local variables Renames local parameters Renames global variables Does NOT rename global parameters (so you can still inject them) Renames named templates Collapses xsl:elements to short form e.g. becomes Inlines xsl:attributes e.g. becomes It will, soon:
Merge identical templates Detect recurring long text and move to global variable
FAQs
An XSLT 1.0 minifier A tool to minify an XSL file so that it is as compact as possible. The primary goal of this tool is to compress XSL files used in client side XSLT in web browsers.
We found that com.github.ricksbrown:xslmin demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.