Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@codama/validators
Advanced tools
This package offers a set of validation rules for Codama IDLs to ensure that they are correctly formatted.
pnpm install @codama/validators
[!NOTE] This package is included in the main
codama
package. Meaning, you already have access to its content if you are installing Codama this way.pnpm install codama
ValidationItem
A validation item describes a single piece of information — typically a warning or an error — about a node in the Codama IDL.
type ValidationItem = {
// The level of importance of a validation item.
level: 'debug' | 'trace' | 'info' | 'warn' | 'error';
// A human-readable message describing the issue or information.
message: string;
// The node that the validation item is related to.
node: Node;
// The stack of nodes that led to the node above.
stack: readonly Node[];
};
getValidationItemsVisitor(visitor)
The getValidationItemsVisitor
function returns a visitor that collects all validation items from a Codama IDL. Note that this visitor is still a work in progress and does not cover all validation rules.
import { getValidationItemsVisitor } from '@codama/validators';
const validationItems = codama.accept(getValidationItemsVisitor());
throwValidatorItemsVisitor(visitor)
The throwValidatorItemsVisitor
function accepts a Visitor<ValidationItemp[]>
and throws an error if any validation items above a certain level are found. By default, the level is set to 'error'
but a second argument can be passed to change it.
import { throwValidatorItemsVisitor, getValidationItemsVisitor } from '@codama/validators';
// Throw if any "error" items are found.
codama.accept(throwValidatorItemsVisitor(getValidationItemsVisitor()));
// Throw if any "warn" or "error" items are found.
codama.accept(throwValidatorItemsVisitor(getValidationItemsVisitor(), 'warn'));
FAQs
Validator visitors for the Codama framework
We found that @codama/validators demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.