
Research
/Security News
jscrambler npm Package Compromised in Supply Chain Attack
A compromised jscrambler npm release added a malicious preinstall hook that runs hidden native binaries on Linux, macOS, and Windows.
@babel/helper-validator-option
Advanced tools
Validate plugin/preset options
See our website @babel/helper-validator-option for more information.
Using npm:
npm install --save @babel/helper-validator-option
or using yarn:
yarn add @babel/helper-validator-option
Joi is a powerful schema description language and data validator for JavaScript. It allows for a more comprehensive and detailed validation schema compared to @babel/helper-validator-option, which is more focused on Babel's internal use for validating plugin and preset options.
Prop-types is a library for React that is used to validate the types of props passed to React components. While it serves a different ecosystem (React vs. Babel), the core functionality of validating input types is similar to what @babel/helper-validator-option provides for Babel plugins and presets.
Yup is a JavaScript schema builder for value parsing and validation. It defines a schema with a fluent API and is often used in form validation. Yup provides a more extensive set of features for validating complex data structures compared to @babel/helper-validator-option, which is more narrowly scoped for Babel configuration validation.
FAQs
Validate plugin/preset options
The npm package @babel/helper-validator-option receives a total of 132,639,658 weekly downloads. As such, @babel/helper-validator-option popularity was classified as popular.
We found that @babel/helper-validator-option demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Research
/Security News
A compromised jscrambler npm release added a malicious preinstall hook that runs hidden native binaries on Linux, macOS, and Windows.

Research
/Security News
A malicious .NET package is typosquatting the Braintree SDK to steal live payment card data, merchant API keys, and host secrets from production apps.

Security News
/Research
Compromised Injective SDK npm version 1.20.21 exfiltrates wallet private keys and mnemonics through fake telemetry functionality.