Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@intuita-inc/filemod-engine
Advanced tools
## Local Installation pnpm link --global # link this local package system-wide
pnpm link --global # link this local package system-wide
filemod-engine --help
filemod-engine transform [transformFilePath] [rootDirectoryPath]
Where:
transformFilePath
is the absolute path to the YML file (DSL) that contains the transform declarationrootDirectoryPath
is the absolute path to the root of your projectYou can also pass --dryRun
if you want to see what changes will be written.
In order to use a declarative filemod, one needs to be written. Such codemods are written in YAML, like this:
version: 1
posix: true
includePattern: '**/pages/**/*.{js,jsx,ts,tsx}'
excludePatterns:
- '**/node_modules/**'
- '**/pages/api/**'
deleteRules:
fileRoot:
- '_app'
- '_document'
- '_error'
replaceRules:
- replaceDirectoryName:
- 'pages'
- 'app'
- appendDirectoryName:
- '@fileRoot'
- fileRootNot: 'index'
- replaceFileRoot: 'page'
tests:
- - 'move'
- '/opt/project/pages/index.tsx'
- '/opt/project/app/page.tsx'
You need to define the following properties:
version
: 1posix
(for now we support only POSIX platforms)includePattern
- the glob pattern to run against the root directory pathexcludePattern
- the glob pattern to run against the root directory path for exclusion of file pathsdeleteRules
- the union of rules that tell whether to remove the files or notreplaceRules
- the ordered list of rules that modify the filePathtests
- the set of tests for patternsAny path is split into the following elements:
pathRoot
directoryNames
fileRoot
fileExtension
For instance, a path like opt/project/pages/index.tsx
has the following properties (defined using pseudocode):
pathRoot = "/"
directoryNames = ["", "project", "pages"]
fileRoot = "index"
fileExtension = "tsx"
These properties are accessible for reading and writing in the DSL.
The fileRoot
equals rule delete a file path if any of the provided labels match the file root. Check the example below:
fileRoot:
- '_app'
- '_document'
- '_error'
Each replace rule with have a read/write access to all the 4 path properties mentioned before. Each rule is executed in the declaration order.
The replaceDirectoryName
rule replaces any directory Name that matches the 0th literal with the 1st literal. Check the example below:
replaceDirectoryName:
- 'pages'
- 'app'
The appendDirectoryName
rule add a new directory name to the end of the list of directory names based on a condition. In the following example, if the file root does not equal index
, a new directory named the same as file root will be appended.
appendDirectoryName:
- '@fileRoot'
- fileRootNot: 'index'
The replaceFileRoot
rule replaces the the existing file root with a new literal, like page
in the following example:
replaceFileRoot: 'page'
TBD
FAQs
## Local Installation pnpm link --global # link this local package system-wide
The npm package @intuita-inc/filemod-engine receives a total of 0 weekly downloads. As such, @intuita-inc/filemod-engine popularity was classified as not popular.
We found that @intuita-inc/filemod-engine demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.