![Malicious npm Package Typosquats react-login-page to Deploy Keylogger](https://cdn.sanity.io/images/cgdhsj6q/production/007b21d9cf9e03ae0bb3f577d1bd59b9d715645a-1024x1024.webp?w=400&fit=max&auto=format)
Research
Security News
Malicious npm Package Typosquats react-login-page to Deploy Keylogger
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
@babel/helper-module-imports
Advanced tools
Package description
The @babel/helper-module-imports package is a utility that allows Babel plugins to add module imports to a file in a consistent way. It provides functions to programmatically add import statements or require calls within the code being transformed by Babel.
addDefault
Adds a default import statement to the file. For example, it can add `import lodash from 'lodash';` to the code.
import { addDefault } from '@babel/helper-module-imports';
const path = /* ... */;
const imported = addDefault(path, 'lodash', { nameHint: 'lodash' });
addNamed
Adds a named import statement to the file. For example, it can add `import { map } from 'lodash';` to the code.
import { addNamed } from '@babel/helper-module-imports';
const path = /* ... */;
const imported = addNamed(path, 'map', 'lodash', { nameHint: 'map' });
addNamespace
Adds a namespace import statement to the file. For example, it can add `import * as lodash from 'lodash';` to the code.
import { addNamespace } from '@babel/helper-module-imports';
const path = /* ... */;
const imported = addNamespace(path, 'lodash', { nameHint: 'lodash' });
addSideEffect
Adds an import statement that will include a module for its side effects only, without importing any bindings. For example, it can add `import 'normalize.css';` to the code.
import { addSideEffect } from '@babel/helper-module-imports';
const path = /* ... */;
addSideEffect(path, 'normalize.css');
A Babel plugin that allows you to import components from libraries in a modular way, often used with UI libraries like Ant Design. It can transform named imports to individual path imports to reduce bundle size, which is a different approach compared to @babel/helper-module-imports that focuses on adding imports programmatically within Babel plugins.
A Babel plugin that allows you to add aliases for imports in your project, making it easier to manage paths. It can be used to rewrite the paths of imports and requires, which is different from @babel/helper-module-imports that is used to add new imports rather than modify existing ones.
This plugin transforms member style imports (e.g., `import { map } from 'lodash'`) into default import style imports (e.g., `import map from 'lodash/map'`). This can help with reducing bundle sizes by only including the parts of a module that are used. It serves a different purpose than @babel/helper-module-imports, which is more about adding imports rather than optimizing them.
Changelog
v7.24.7 (2024-06-05)
babel-node
babel-traverse
constantViolations
with destructuring (@liuxingbaoyu)babel-helper-transform-fixture-test-runner
, babel-plugin-proposal-explicit-resource-management
using
in switch
correctly (@liuxingbaoyu)babel-helpers
, babel-runtime-corejs2
, babel-runtime-corejs3
, babel-runtime
Readme
Babel helper functions for inserting module loads
See our website @babel/helper-module-imports for more information.
Using npm:
npm install --save @babel/helper-module-imports
or using yarn:
yarn add @babel/helper-module-imports
FAQs
Unknown package
We found that @babel/helper-module-imports demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
Security News
The JavaScript community has launched the e18e initiative to improve ecosystem performance by cleaning up dependency trees, speeding up critical parts of the ecosystem, and documenting lighter alternatives to established tools.
Product
Socket now supports four distinct alert actions instead of the previous two, and alert triaging allows users to override the actions taken for all individual alerts.