Research
Malicious fezbox npm Package Steals Browser Passwords from Cookies via Innovative QR Code Steganographic Technique
A malicious package uses a QR code as steganography in an innovative technique.
By Olivia Brown - Sep 22, 2025
@iodigital/vite-plugin-msw
Advanced tools
@iodigital/vite-plugin-msw
Mock Service Worker browser and node integration for Vite.
Usage
Install
npm install --save-dev @iodigital/vite-plugin-msw
# yarn add --dev @iodigital/vite-plugin-msw
# pnpm add --save-dev @iodigital/vite-plugin-msw
Define mocks
https://mswjs.io/docs/getting-started/mocks
Add to Vite config
// Import plugin
import msw from "@iodigital/vite-plugin-msw";
// Import msw handlers
import { handlers } from "../mocks/handlers";
// Pass them to plugin
export default defineConfig({
plugins: [msw({ handlers })],
});
Config
interface VitePluginMswOptions {
handlers: RequestHandler[];
mode?: "browser" | "node";
build?: boolean;
}
Handlers
- Required
MSW handlers. More information on how to define these: https://mswjs.io/docs/getting-started/mocks
Mode
- Optional
- Default:
browser
Browser
To start MSW in the client, please follow the Configure worker step and Start worker step in the MSW docs. The mockServiceWorker.js file will be provided by the Vite Dev Server.
Node
This will handle the mocked service worker handlers via a Vite Dev Server plugin.
Build
- Optional
- Default:
false
A true value will output MSW's mockServiceWorker.js file to the Vite build directory, in case if MSW is needed in production.
Development
npm run dev
Example vite application with plugin
npm run build
cd examples/with-vite
npm run dev
curl http://localhost:3000/api/health
Build
npm run build
Keywords
FAQs
Mock Service Worker browser and node integration for Vite
We found that @iodigital/vite-plugin-msw demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 5 open source maintainers collaborating on the project.
Package last updated on 27 Oct 2023
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
/Security News
Identifying and Preventing Fraudulent Engineering Candidates: An Investigation into 80 Confirmed Cases
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.
By Lauren Valencia, Kirill Boychenko - Sep 17, 2025
Application Security
/Research
/Security News
Updated and Ongoing Supply Chain Attack Targets CrowdStrike npm Packages
Socket detected multiple compromised CrowdStrike npm packages, continuing the "Shai-Hulud" supply chain attack that has now impacted nearly 500 packages.
By Kush Pandya, Peter van der Zee, Olivia Brown, Socket Research Team - Sep 16, 2025