Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@babel/plugin-transform-runtime
Advanced tools
Externalise references to helpers and builtins, automatically polyfilling your code without polluting globals
The @babel/plugin-transform-runtime package is a Babel plugin that enables the re-use of Babel's injected helper code to save on codesize. It also allows you to use built-ins such as Promise or WeakMap, static methods like Array.from or Object.assign, instance methods like Array.prototype.includes, and generator functions in environments that do not natively support them.
Helpers
This feature allows Babel to transform code by extracting common helper functions into shared modules to reduce code duplication in the output.
"use strict";\n\nfunction _classCallCheck(instance, Constructor) { if (!(instance instanceof Constructor)) { throw new TypeError(\"Cannot call a class as a function\"); } }\n\nvar Foo = function Foo() {\n _classCallCheck(this, Foo);\n};
Polyfills for instance methods
This feature enables the use of instance methods like 'includes' on arrays, which are part of the ECMAScript specifications but may not be available in all environments.
import \"core-js/stable\";\nimport \"regenerator-runtime/runtime\";\n\n[1, 2, 3].includes(2);
Built-ins
This feature allows the use of new built-in objects like Promise, which are part of the ECMAScript specifications but may not be natively supported in all environments.
import \"core-js/stable\";\nimport \"regenerator-runtime/runtime\";\n\nvar promise = new Promise();
Generator functions
This feature allows the use of generator functions, which can be used to perform asynchronous operations in a synchronous-like manner.
import \"core-js/stable\";\nimport \"regenerator-runtime/runtime\";\n\nfunction* aGenerator() {\n yield 1;\n yield 2;\n yield 3;\n}
Core-js is a modular standard library for JavaScript, which includes polyfills for ECMAScript up to 2021. It's similar to @babel/plugin-transform-runtime in that it provides polyfills for features not available in older environments, but it's more comprehensive and can be used without Babel.
Regenerator-runtime is a standalone runtime for Regenerator-compiled generator and async functions. It's similar to the generator function handling part of @babel/plugin-transform-runtime but does not include other transformations or helpers.
Babel-polyfill is now deprecated in favor of @babel/preset-env and core-js. It used to provide a full set of polyfills for Babel users. It was similar to @babel/plugin-transform-runtime but included the polyfills in the global scope, which could lead to conflicts.
Externalise references to helpers and builtins, automatically polyfilling your code without polluting globals
See our website @babel/plugin-transform-runtime for more information.
Using npm:
npm install --save-dev @babel/plugin-transform-runtime
or using yarn:
yarn add @babel/plugin-transform-runtime --dev
FAQs
Externalise references to helpers and builtins, automatically polyfilling your code without polluting globals
The npm package @babel/plugin-transform-runtime receives a total of 9,911,377 weekly downloads. As such, @babel/plugin-transform-runtime popularity was classified as popular.
We found that @babel/plugin-transform-runtime demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.