You're Invited:Meet the Socket Team at BlackHat and DEF CON in Las Vegas, Aug 4-6.RSVP
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

@cremadesign/captcha

Package Overview
Dependencies
Maintainers
1
Versions
2
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@cremadesign/captcha

This modular javascript plugin inserts a checkbox captcha into the specified form and checks the honeypot, checkbox, and required fields on every field change. If valid, it enables the submit button, adds a form method, and inserts the provided form actio

4.3.9
latest
Source
npmnpm
Version published
Weekly downloads
7
600%
Maintainers
1
Weekly downloads
 
Created
Source

Crema Captcha

I began developing this plugin in 2013 with a simple goal in mind: block spam without annoying users. Your clients don't want to decipher garbled words or play "Find the Storefront". They just want a simple contact form that works. Over several years, this project evolved from a disjointed medly of basic functions into a customizable pure javascript plugin with advanced captcha filters.

NPM Dependencies

Crema Captcha's build process requires NPM, Rollup, and a few plugins. This open-source setup allows us to write newer javascript with modern ES6 features such as import statements and tree-shaking unused functions. Rollup compiles everything to the dist/ directory using the following NPM plugins:

  • Node Resolve Plugin: Allows us to use external ES modules.
  • CommonJS Plugin: Allows us to use external CommonJS modules.
  • Babel Plugin: Transpiles ES6 code to ES5 code older browsers can understand.
  • Uglify: Minifies plugin JS for production.
  • ESLint: Validates syntax and code style.
  • Badwords: An array of obscene words for the profanity filter.
  • Rot: A rotational cipher that obfuscates the badwords array, so it doesn't show up in final output.
  • Replace: Inserts the obfuscated badwords array into our final output.

src/index.js is the main entry point for the JS compile script. So be sure to start there.

How to Build

The compiled JS plus its sourcemap is written to the dist/ directory.

Development

To compile your JS (excl. minification) whenever you make a change to a JS file. This will automatically compile changes to our captcha at captcha.test, but will not be added to Cremastrap.

yarn watch

Production

To compile your JS for production (incl. minification), run:

yarn build

How to Use

Adding it to a website is easy. See the init instructions on the official site: https://captcha.cremadesignstudio.com/

Credits

My build process was heavily inspired by three different build scripts:

  • Rollup Bundle and Watch: This author's recipe was used as the general framework for my setup.
  • Learn Rollup.js Part One: This informative guide explains Babel and the Rollup config more in depth.
  • Bootstrap: Bootstrap's build process introduced me to Rollup and gave me some basic ideas on packaging, such as banner.js and package.json.

Keywords

captcha
spam filter
contact form spam
spam

FAQs

Package last updated on 04 May 2022

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Toptal’s GitHub Organization Hijacked: 10 Malicious Packages Published

Research

/

Security News

Toptal’s GitHub Organization Hijacked: 10 Malicious Packages Published

Threat actors hijacked Toptal’s GitHub org, publishing npm packages with malicious payloads that steal tokens and attempt to wipe victim systems.

By Kush Pandya  -  Jul 23, 2025