![Malicious npm Package Typosquats react-login-page to Deploy Keylogger](https://cdn.sanity.io/images/cgdhsj6q/production/007b21d9cf9e03ae0bb3f577d1bd59b9d715645a-1024x1024.webp?w=400&fit=max&auto=format)
Research
Security News
Malicious npm Package Typosquats react-login-page to Deploy Keylogger
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
@babel/plugin-transform-for-of
Advanced tools
Package description
The @babel/plugin-transform-for-of package is a plugin for Babel, a JavaScript compiler, that transforms for...of loops into more compatible ES5 syntax. This is particularly useful for ensuring that your JavaScript code can run in environments that do not support the latest ECMAScript features, such as older browsers. The transformation helps in converting iterable objects in a way that can be understood by environments without native support for the for...of loop.
Transform for...of loops to ES5
This feature automatically converts for...of loops into a compatible ES5 syntax using simple iteration over arrays. This is useful for ensuring compatibility with older JavaScript environments.
"use strict";
var _arr = [1, 2, 3];
for (var _i = 0; _i < _arr.length; _i++) {
var i = _arr[_i];
console.log(i);
}
Optionally use loose mode for simpler output
In loose mode, the transformation is even simpler, avoiding the use of iterators altogether and directly accessing array elements by index. This results in faster code but assumes the iterated object is an array.
"use strict";
var _arr = [1, 2, 3];
for (var i = 0; i < _arr.length; i++) {
console.log(_arr[i]);
}
Similar to @babel/plugin-transform-for-of, this plugin transforms spread syntax (e.g., ...arr) into a form that can be understood by older JavaScript engines. While it focuses on spread syntax rather than for...of loops, it similarly aims to enhance compatibility with older environments.
This package transforms ES6 block scoping (let and const) into ES5 syntax. It's similar to @babel/plugin-transform-for-of in that it targets a specific ES6 feature for transformation to ensure compatibility with older JavaScript engines.
Changelog
v7.22.15 (2023-09-04)
babel-core
babel-cli
, babel-core
, babel-generator
, babel-helper-builder-binary-assignment-operator-visitor
, babel-helper-compilation-targets
, babel-helper-create-class-features-plugin
, babel-helper-create-regexp-features-plugin
, babel-helper-member-expression-to-functions
, babel-helper-module-imports
, babel-helper-module-transforms
, babel-helper-transform-fixture-test-runner
, babel-helper-validator-identifier
, babel-helper-validator-option
, babel-helpers
, babel-node
, babel-parser
, babel-plugin-bugfix-safari-id-destructuring-collision-in-function-expression
, babel-plugin-bugfix-v8-spread-parameters-in-optional-chaining
, babel-plugin-proposal-decorators
, babel-plugin-proposal-destructuring-private
, babel-plugin-proposal-pipeline-operator
, babel-plugin-transform-async-generator-functions
, babel-plugin-transform-block-scoping
, babel-plugin-transform-classes
, babel-plugin-transform-destructuring
, babel-plugin-transform-for-of
, babel-plugin-transform-modules-commonjs
, babel-plugin-transform-object-rest-spread
, babel-plugin-transform-optional-chaining
, babel-plugin-transform-parameters
, babel-plugin-transform-property-mutators
, babel-plugin-transform-react-jsx
, babel-plugin-transform-runtime
, babel-plugin-transform-typescript
, babel-preset-env
, babel-preset-flow
, babel-preset-react
, babel-preset-typescript
, babel-register
, babel-standalone
, babel-template
, babel-traverse
, babel-types
.ts
/.js
extension to all imports in src
(@nicolo-ribaudo)Readme
Compile ES2015 for...of to ES5
See our website @babel/plugin-transform-for-of for more information.
Using npm:
npm install --save-dev @babel/plugin-transform-for-of
or using yarn:
yarn add @babel/plugin-transform-for-of --dev
FAQs
Unknown package
We found that @babel/plugin-transform-for-of demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
Security News
The JavaScript community has launched the e18e initiative to improve ecosystem performance by cleaning up dependency trees, speeding up critical parts of the ecosystem, and documenting lighter alternatives to established tools.
Product
Socket now supports four distinct alert actions instead of the previous two, and alert triaging allows users to override the actions taken for all individual alerts.