Security News
The Hidden Blast Radius of the Axios Compromise
The Axios compromise shows how time-dependent dependency resolution makes exposure harder to detect and contain.
By Ahmad Nassri - Apr 01, 2026
New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details → →
@graffiticode/compiler-framework
Advanced tools
@graffiticode/compiler-framework
Graffiticode Compiler Framework --- An open source framework for writing [graffiticode](https://graffiticode.com) compilers.
Graffiticode Compiler Framework
An open source framework for writing graffiticode compilers.
The framework allows you to go from:
exports.compiler = {
language: 'L0',
async compile(code, data, config) {
return '<code+data+config>';
},
};
To:
curl http://my-url
# Output: Hello, L0!
All without needing to worry about writing an HTTP server or complicated request handling logic.
Installation
Add the Graffiticode Compiler Framework to your package.json file using npm.
npm install @graffiticode/graffiticode-compiler-framework
Quickstart
Create an index.js file with the following contents:
exports.compiler = {
language: 'L0',
async compile(code, data, config) {
return '<code+data+config>';
},
};
Run the following command:
npx @graffiticode/graffiticode-compiler-framework --target=compiler
Configure the Graffiticode Compiler Framework
You can configure the Graffiticode Compiler Framework using command-line flags or environment variables. If you specify both, the environment variable will be ignored.
| Command-line flag | Environment variable | Description |
|---|---|---|
--port | PORT | The port on which the Graffiticode Compiler Framework listens for requests. Default: 8080 |
--target | FUNCTION_TARGET | The name of the exported function to be invoked in response to requests. Default: compiler |
--source | FUNCTION_SOURCE | The path of your project directory where you want to start. Graffiticode Compiler framework always look only at root path, setting this option will look for your function in any other folder. Default: / |
You can set command-line flags in your package.json via the start script.
For example:
"scripts": {
"start": "graffiticode-compiler-framework --target=compiler"
}
[wip] Advanced Docs
More advanced guides and docs can be found in the docs/ folder.
Contributing
Contributions to this library are welcome and encouraged. See CONTRIBUTING for more information on how to get started.
NOTE: This is not an officially supported Google product.
FAQs
Graffiticode Compiler Framework --- An open source framework for writing [graffiticode](https://graffiticode.com) compilers.
We found that @graffiticode/compiler-framework demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Package last updated on 24 May 2022
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Supply Chain Attack on Axios Pulls Malicious Dependency from npm
A supply chain attack on Axios introduced a malicious dependency, plain-crypto-js@4.2.1, published minutes earlier and absent from the project’s GitHub releases.
By Socket Research Team - Mar 31, 2026
Research
TeamPCP Compromises Telnyx Python SDK to Deliver Credential-Stealing Malware
Malicious versions of the Telnyx Python SDK on PyPI delivered credential-stealing malware via a multi-stage supply chain attack.
By Socket Research Team - Mar 27, 2026