Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@babel/core
Advanced tools
@babel/core is the core library of the Babel JavaScript compiler. It is primarily used for transforming ES6+ code into backwards compatible JavaScript that can be run by older JavaScript engines. Babel is widely used for its ability to transpile new JavaScript syntax, JSX, TypeScript, and for its plugin system that allows developers to use experimental features and customize the build process.
Syntax Transformation
Transforms modern JavaScript syntax into a backwards compatible version. For example, it can convert ES6 arrow functions into regular ES5 functions.
require('@babel/core').transform('code', { presets: ['@babel/preset-env'] });
Plugin/Preset Application
Applies Babel plugins or presets to the code to enable specific transformations or sets of transformations.
require('@babel/core').transform('code', { plugins: ['@babel/plugin-transform-arrow-functions'] });
Source Map Generation
Generates source maps which help in debugging the original source code after it has been transformed by Babel.
require('@babel/core').transform('code', { sourceMaps: true });
Code Generation
Generates code from an Abstract Syntax Tree (AST). This is useful when you want to transform the AST directly or manipulate it before generating code.
require('@babel/core').transformFromAst(ast, 'code', { presets: ['@babel/preset-env'] });
TypeScript is a superset of JavaScript that compiles to plain JavaScript. It offers type checking and is aimed at the development of large applications. While it does transpile code, it is more focused on type safety and less on new syntax features.
esbuild is an extremely fast JavaScript bundler and minifier. It also provides a limited set of transformation features, such as JSX and TypeScript support. It is not as extensible as Babel but is focused on speed and efficiency.
swc is a super-fast compiler written in Rust that aims to be a drop-in replacement for Babel. It supports most of the modern JavaScript features and is focused on performance. It is gaining popularity in the JavaScript community for its speed.
Babel compiler core.
See our website @babel/core for more information or the issues associated with this package.
Using npm:
npm install --save-dev @babel/core
or using yarn:
yarn add @babel/core --dev
v7.26.0 (2024-10-25)
babel-core
, babel-generator
, babel-parser
, babel-plugin-syntax-import-assertions
, babel-plugin-syntax-import-attributes
, babel-preset-env
, babel-standalone
, babel-types
babel-core
babel-compat-data
, babel-plugin-proposal-regexp-modifiers
, babel-plugin-transform-regexp-modifiers
, babel-preset-env
, babel-standalone
babel-parser
startIndex
parser option (@DylanPiercey)babel-generator
, babel-parser
, babel-plugin-syntax-flow
babel-helpers
, babel-preset-typescript
, babel-runtime-corejs3
import()
in rewriteImportExtensions
(@liuxingbaoyu)babel-generator
, babel-parser
@babel/generator
(@nicolo-ribaudo)babel-core
babel-plugin-proposal-json-modules
, babel-plugin-transform-json-modules
, babel-standalone
proposal-json-modules
to transform-json-modules
(@nicolo-ribaudo)babel-code-frame
, babel-highlight
@babel/highlight
in @babel/code-frame
(@nicolo-ribaudo)babel-generator
, babel-parser
, babel-types
kind
to TSModuleDeclaration
(@liuxingbaoyu)babel-helper-module-transforms
, babel-plugin-transform-modules-commonjs
FAQs
Babel compiler core.
The npm package @babel/core receives a total of 54,921,011 weekly downloads. As such, @babel/core popularity was classified as popular.
We found that @babel/core demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.