Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

@contrast/agent-swc-plugin

Package Overview
Dependencies
Maintainers
9
Versions
19
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@contrast/agent-swc-plugin

SWC plugins Contrast Node agent

latest
npmnpm
Version
3.2.0
Version published
Weekly downloads
3.8K
-19.86%
Maintainers
9
Weekly downloads
 
Created
Source

Contrast Node Agent v5 swc plugins

swc plugins for the Node agent's swc rewriter.

Setup

See: https://swc.rs/docs/plugin/ecmascript/getting-started

Install rust

https://www.rust-lang.org/tools/install

Add wasm target

https://blog.rust-lang.org/2024/04/09/updates-to-rusts-wasi-targets.html

rustup target add wasm32-wasip1

Install and test

cargo test runs the rust unit tests for all plugins. npm test runs the JavaScript unit tests

Building

To build release-ready targets, either run npm run build or cargo build --release --target wasm32-wasip1.

Usage

These plugins are designed to be used programmatically from @swc/core.

const { transformSync } = require('@swc/core');
const {
  defaultRewriter,
  defaultUnwriter,
  // this is not being built or released until a need arises
  //noPropagationRewriter
} = require('@contrast/agent-swc-plugin');

const result = transformSync(src, {
  env: {
    targets: {
      node: '18', // specify your (lowest) node version
    },
  },
  jsc: {
    experimental: {
      plugins: [[defaultRewriter], { assess: true, inject: true }]],
    },
  },
});

Releasing

Run npm version <major|minor|patch> to bump the version. Push the changes and tag to the repo.

When the version bump is merged to main, invoke the release workflow using either the GitHub UI or the gh CLI program.

Keywords

swc-plugin

FAQs

Package last updated on 14 Aug 2025

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Another Round of TEA Protocol Spam Floods npm, But It’s Not a Worm

Security News

Another Round of TEA Protocol Spam Floods npm, But It’s Not a Worm

Recent coverage mislabels the latest TEA protocol spam as a worm. Here’s what’s actually happening.

By Philipp Burckhardt  -  Nov 14, 2025
Malicious Chrome Extension Exfiltrates Seed Phrases, Enabling Wallet Takeover

Research

/

Security News

Malicious Chrome Extension Exfiltrates Seed Phrases, Enabling Wallet Takeover

A malicious Chrome extension posing as an Ethereum wallet steals seed phrases by encoding them into Sui transactions, enabling full wallet takeover.

By Kirill Boychenko  -  Nov 12, 2025