🚨 Shai-Hulud Strikes Again:834 Packages Compromised.Technical Analysis
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

@breadstone-tools/localizator-app

Package Overview
Dependencies
Maintainers
1
Versions
198
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@breadstone-tools/localizator-app

Localizator app/cli

latest
Source
npmnpm
Version
0.0.205
Version published
Maintainers
1
Created
Source

📦 @breadstone-tools/localizator-app

Package StatusSource
npmtools/localizator/app

CLI and programmatic entrypoint for the Localizator toolchain. Extract, analyze, transform, and generate translation resources for multiple frameworks and formats.

📁 Project Structure

Part of the monorepo mosaik Package path: tools/localizator/app Version: see npm License: MIT

📦 Installation

yarn add @breadstone-tools/localizator-app
# or
npm install @breadstone-tools/localizator-app

🔧 Usage

CLI

npx localizator <command> [options]

See npx localizator --help for all options.

Programmatic API

import { run, type IRunConfig } from '@breadstone-tools/localizator-app';

const config: IRunConfig = {
  cwd: process.cwd(),
  output: './locales',
  detect: {
    root: './src',
    preset: 'angular',
    type: 'json'
  },
  generate: {
    enabled: true,
    apiKey: process.env.GEMINI_API_KEY,
    locales: ['de', 'fr'],
    baseLocale: 'en'
  }
};

run(config).then(result => {
  console.log(result.generate);
});

⚙️ Features

  • CLI for extraction, analysis, transformation, and AI-based generation of localization resources
  • Programmatic API for integration into CI/CD or custom tools
  • Supports Angular, React, Vue, Lit, Stencil, and more

🛠 Recommendations

  • Use as the main entrypoint for localization workflows in Nx monorepos.
  • Integrate with CI/CD pipelines for automated i18n management.

📦 Publishing

yarn nx run localizator-app:publish

📄 License

MIT © Breadstone

FAQs

Package last updated on 07 Dec 2025

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Malicious Crate Mimicking ‘Finch’ Exfiltrates Credentials via a Hidden Dependency

Security News

/

Research

Malicious Crate Mimicking ‘Finch’ Exfiltrates Credentials via a Hidden Dependency

Socket found a Rust typosquat (finch-rust) that loads sha-rust to steal credentials, using impersonation and an unpinned dependency to auto-deliver updates.

By Kush Pandya  -  Dec 05, 2025