
Security News
/Research
Wallet-Draining npm Package Impersonates Nodemailer to Hijack Crypto Transactions
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.
@esbuild/freebsd-x64
Advanced tools
The FreeBSD 64-bit binary for esbuild, a JavaScript bundler.
The @esbuild/freebsd-x64 npm package is a binary package for esbuild, an extremely fast JavaScript bundler and minifier. This specific package is tailored for FreeBSD x64 systems. It allows developers to bundle JavaScript files for the browser, transpile TypeScript, and minify code among other functionalities, directly on FreeBSD x64 systems.
JavaScript Bundling
This code sample demonstrates how to bundle a JavaScript file along with its dependencies into a single file. This is useful for optimizing web applications for production.
require('esbuild').build({
entryPoints: ['app.js'],
bundle: true,
outfile: 'out.js'
}).catch(() => process.exit(1))
TypeScript Transpilation
This example shows how to transpile TypeScript files into JavaScript, allowing developers to use TypeScript's features while targeting environments that only support JavaScript.
require('esbuild').build({
entryPoints: ['app.ts'],
bundle: true,
outfile: 'out.js',
loader: { '.ts': 'ts' }
}).catch(() => process.exit(1))
Code Minification
This code snippet demonstrates the minification of JavaScript code to reduce file size, which is beneficial for improving load times on web pages.
require('esbuild').build({
entryPoints: ['app.js'],
minify: true,
outfile: 'out.min.js'
}).catch(() => process.exit(1))
Webpack is a powerful module bundler that can transform, bundle, or package just about any resource or asset. Compared to @esbuild/freebsd-x64, webpack offers a more extensive plugin system and configuration options, but esbuild is known for its speed and simplicity.
Parcel is a web application bundler, differentiated by its developer-friendly zero configuration approach. While Parcel and @esbuild/freebsd-x64 both aim to simplify the bundling process, esbuild typically offers faster build times due to its efficient Go-based architecture.
Rollup is a module bundler for JavaScript which compiles small pieces of code into something larger and more complex, such as a library or application. Rollup focuses on ES modules, making it ideal for libraries. Compared to @esbuild/freebsd-x64, Rollup has a different focus but both provide efficient bundling solutions.
This is the FreeBSD 64-bit binary for esbuild, a JavaScript bundler and minifier. See https://github.com/evanw/esbuild for details.
0.25.9
Better support building projects that use Yarn on Windows (#3131, #3663)
With this release, you can now use esbuild to bundle projects that use Yarn Plug'n'Play on Windows on drives other than the C:
drive. The problem was as follows:
C:
driveD:
drive../..
to get from the project directory to the cache directory..
(so D:\..
is just D:
)Yarn works around this edge case by pretending Windows-style paths beginning with C:\
are actually Unix-style paths beginning with /C:/
, so the ../..
path segments are able to navigate across drives inside Yarn's implementation. This was broken for a long time in esbuild but I finally got access to a Windows machine and was able to debug and fix this edge case. So you should now be able to bundle these projects with esbuild.
Preserve parentheses around function expressions (#4252)
The V8 JavaScript VM uses parentheses around function expressions as an optimization hint to immediately compile the function. Otherwise the function would be lazily-compiled, which has additional overhead if that function is always called immediately as lazy compilation involves parsing the function twice. You can read V8's blog post about this for more details.
Previously esbuild did not represent parentheses around functions in the AST so they were lost during compilation. With this change, esbuild will now preserve parentheses around function expressions when they are present in the original source code. This means these optimization hints will not be lost when bundling with esbuild. In addition, esbuild will now automatically add this optimization hint to immediately-invoked function expressions. Here's an example:
// Original code
const fn0 = () => 0
const fn1 = (() => 1)
console.log(fn0, function() { return fn1() }())
// Old output
const fn0 = () => 0;
const fn1 = () => 1;
console.log(fn0, function() {
return fn1();
}());
// New output
const fn0 = () => 0;
const fn1 = (() => 1);
console.log(fn0, (function() {
return fn1();
})());
Note that you do not want to wrap all function expressions in parentheses. This optimization hint should only be used for functions that are called on initial load. Using this hint for functions that are not called on initial load will unnecessarily delay the initial load. Again, see V8's blog post linked above for details.
Update Go from 1.23.10 to 1.23.12 (#4257, #4258)
This should have no effect on existing code as this version change does not change Go's operating system support. It may remove certain false positive reports (specifically CVE-2025-4674 and CVE-2025-47907) from vulnerability scanners that only detect which version of the Go compiler esbuild uses.
FAQs
The FreeBSD 64-bit binary for esbuild, a JavaScript bundler.
The npm package @esbuild/freebsd-x64 receives a total of 6,745,279 weekly downloads. As such, @esbuild/freebsd-x64 popularity was classified as popular.
We found that @esbuild/freebsd-x64 demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
/Research
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.
Security News
This episode explores the hard problem of reachability analysis, from static analysis limits to handling dynamic languages and massive dependency trees.
Security News
/Research
Malicious Nx npm versions stole secrets and wallet info using AI CLI tools; Socket’s AI scanner detected the supply chain attack and flagged the malware.