Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@chainsafe/babel-plugin-inline-binary-import
Advanced tools
Babel plugin to make raw files importable
Babel plugin to add the opportunity to use import
with raw/literal content
It is good e.g. for importing *.graphql
files into your code.
Before (without Babel-Inline-Import):
// server.js
// bad syntax highlighting, no syntax checking
const typeDefinitions = `
type Query {
testString: String
}
schema {
query: Query
}
`;
graphQLServer({
schema: [typeDefinitions],
...
});
Now (with Babel-Inline-Import):
// /some/schema.graphql
type Query {
testString: String
}
schema {
query: Query
}
// server.js
import schema from '/some/schema.graphql';
graphQLServer({
schema: [schema],
...
});
Note: both cases are equivalent and will result in similar code after Babel transpile them. Check How it works section for details.
npm install babel-plugin-inline-import --save-dev
Add a .babelrc
file and write:
{
"plugins": [
"babel-plugin-inline-import"
]
}
or pass the plugin with the plugins-flag on CLI
babel-node myfile.js --plugins babel-plugin-inline-import
By default, Babel-Inline-Import is compatible with the following file extensions:
If you want to enable different file extensions, you can define them in your .babelrc
file
{
"plugins": [
["babel-plugin-inline-import", {
"extensions": [
".json",
".sql"
]
}]
]
}
It inserts the content of the imported file directly into the importing file, assigning it to a variable with the same identifier of the import statement, thus replacing the import statement and the file path by its resulting raw content (no parsing occurs).
Babel does not track dependency between imported and importing files after the transformation is made. Therefore, you need to change the importing file in order to see your changes in the imported file spread. To overcome this:
babel-node
or babel-register
, you can disable babel cache (BABEL_DISABLE_CACHE=1
).babel-loader
, you can use babel-inline-import-loader.Also make sure that your task runner is watching for changes in the imported file as well. You can see it working here.
If you like this project just give it a star :) I like stars.
FAQs
Babel plugin to make raw files importable
We found that @chainsafe/babel-plugin-inline-binary-import demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.