Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
@babel/preset-stage-3
Advanced tools
As of v7.0.0-beta.55, we've removed Babel's Stage presets. Please consider reading our blog post on this decision for more details. TL;DR is that it's more beneficial in the long run to explicitly add which proposals to use.
For a more automatic migration, we have updated babel-upgrade to do this for you (you can run npx babel-upgrade
).
If you want the same configuration as before:
{
"plugins": [
"@babel/plugin-syntax-dynamic-import",
"@babel/plugin-syntax-import-meta",
["@babel/plugin-proposal-class-properties", { "loose": false }],
"@babel/plugin-proposal-json-strings"
]
}
If you're using the same configuration across many separate projects, keep in mind that you can also create your own custom presets with whichever plugins and presets you're looking to use.
module.exports = function() {
return {
plugins: [
require("@babel/plugin-syntax-dynamic-import"),
[require("@babel/plugin-proposal-decorators"), { "legacy": true }],
[require("@babel/plugin-proposal-class-properties"), { "loose": true }],
],
presets: [
// ...
],
};
};
NOTE: Compatibility between @babel/plugin-proposal-class-properties
and @babel/plugin-proposal-decorators
If you are including your plugins manually and using @babel/plugin-proposal-class-properties
, make sure that @babel/plugin-proposal-decorators
comes before @babel/plugin-proposal-class-properties
.
When using the legacy: true
option of @babel/plugin-proposal-decorators
, @babel/plugin-proposal-class-properties
must be used in loose: true
mode.
If you are not using @babel/plugin-proposal-decorators
, loose
mode is not needed.
FAQs
Babel preset for stage 3 plugins
The npm package @babel/preset-stage-3 receives a total of 4,854 weekly downloads. As such, @babel/preset-stage-3 popularity was classified as popular.
We found that @babel/preset-stage-3 demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.