Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@form8ion/javascript-core
Advanced tools
core logic for form8ion tools related to JavaScript, like javascript-scaffolder and lift-javascript
coverageShouldBeReported# javascript-core
core logic for form8ion tools related to JavaScript, like javascript-scaffolder and lift-javascript
$ npm install @form8ion/javascript-core --save-prod
const {scaffoldChoice} = require('@form8ion/javascript-core');
(async () => {
await scaffoldChoice(
{foo: {scaffolder: options => options}},
'foo',
{bar: 'baz'}
);
})();
scaffoldChoice
A generic function that executes the scaffolder
function from a provided map
of options based on the chosen option name.
Takes three unnamed arguments:
choices
object (required)scaffolder
: function (required) scaffolds the choice optionschoice
string (required)Name of the choice. SHOULD match a key from the choices
object.
options
object (optional)options object to be passed as the only argument to the chosen scaffolder
installDependencies
A function that installs the provided package dependencies.
Takes four unnamed arguments:
dependencies
list of strings (required)The list of package names to be installed.
dependenciesType
string (required)Defines if the provided list of package names should be installed as prod or
dev dependencies. If "dev" is provided, the list will be installed with the
--save-exact
flag.
projectRoot
string (optional)Filesystem path to the root of the project
packageManger
string (optional)Specifies the name of the package manager to be used for dependency
installation. Defaults to npm
Constants to define the valid options for dependenciesType
PROD_DEPENDENCY_TYPE
DEV_DEPENDENCY_TYPE
projectTypes
Constants defining the types of possible JavaScript projects
APPLICATION
PACKAGE
CLI
packageManagers
Constants defining the available package managers
NPM
YARN
dialects
Constants defining the available JavaScript source dialects
COMMON_JS
BABEL
ESM
TYPESCRIPT
projectTypeShouldBePublished
Predicate function to determine if the project-type is one that should be published
Takes one argument:
projectType
string (required)Should be one of the project-type options
coverageShouldBeReported
Predicate function to determine if coverage should be reported
Takes two arguments:
visibility
string (required)visibility of the project (Public
or Private
)
tests
object (required)unit
boolean (optional)
Whether the project will be unit-testedwritePackageJson
Writes the provided config to the package.json
for the project
Accepts an options object as the only argument, with the following properties:
projectRoot
string (required)Filesystem path to the root of the project
config
object (required)The config to be written to the package.json
as the entire contents of the
file
mergeIntoExistingPackageJson
Merges the provided config into the existing package.json
for the project
Accepts an options object as the only argument, with the following properties:
projectRoot
string (required)Filesystem path to the root of the project
config
object (required)The config to be merged with the existing contents of the package.json
Helpers for determining supported node.js versions in categories defined by package support guidelines. Refer to the release schedule for current statuses.
determineLtsNodeMajorVersions
Returns a list of the major LTS versions currently in active or maintenance status, optionally filtered by a provided semver range.
Accepts an options object as the only argument, with the following properties:
withinRange
string (optional)A semver range, compatible with node-semver, to filter the list of active major LTS versions by.
determineSupportedNodeMajorVersions
Returns a list of the major versions currently not in end-of-life status, optionally filtered by a provided semver range.
Accepts an options object as the only argument, with the following properties:
withinRange
string (optional)A semver range, compatible with node-semver, to filter the list of active major LTS versions by.
$ nvm install
$ npm install
$ npm test
FAQs
core logic for form8ion tools related to JavaScript, like javascript-scaffolder and lift-javascript
The npm package @form8ion/javascript-core receives a total of 3,614 weekly downloads. As such, @form8ion/javascript-core popularity was classified as popular.
We found that @form8ion/javascript-core demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.