Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@microsoft/tsdoc-config
Advanced tools
TSDoc is a proposal to standardize the doc comments used in TypeScript
source files. The main package @microsoft/tsdoc
implements
the TSDoc parser. The @microsoft/tsdoc-config
package is an optional add-on for loading the tsdoc.json
file format that enables users to define custom TSDoc tags. (This functionality was moved to its own package
because it requires external dependencies such as NodeJS and ajv
, whereas the main package is fully self-contained.)
For more information about TSDoc, please visit the project website:
The tsdoc.json file is optional. When used, it is expected to be found in the same folder as the tsconfig.json file for a project. The loader looks for it by walking upwards in the directory tree until it finds a folder containing tsconfig.json or package.json, and then it attempts to load tsdoc.json from that location.
The tsdoc.json file conforms to the tsdoc.schema.json JSON schema. It defines tags using
similar fields as the
TSDocTagDefinition
API used by TSDocParser
from @microsoft/tsdoc
.
Here's a simple example:
tsdoc.json
{
"$schema": "https://developer.microsoft.com/json-schemas/tsdoc/v0/tsdoc.schema.json",
"tagDefinitions": [
{
"tagName": "@myTag",
"syntaxKind": "modifier"
}
]
}
If you want to define custom tags in one place and share them across multiple projects, the extends
field specifies
a list of paths that will be mixed in with the current file:
tsdoc.json
{
"$schema": "https://developer.microsoft.com/json-schemas/tsdoc/v0/tsdoc.schema.json",
"extends": [
"my-package/dist/tsdoc-base.json",
"./path/to/local/file/tsdoc-local.json"
]
}
NOTE: The
extends
paths are resolved using NodeJS module resolution, so local paths must begin with./
to avoid being interpreted as an NPM package name.
The code sample below illustrates how to invoke the @microsoft/tsdoc-config
API to load a
tsdoc.json file:
import * as path from 'path';
import { TSDocParser, TSDocConfiguration } from '@microsoft/tsdoc';
import { TSDocConfigFile } from '@microsoft/tsdoc-config';
// Sample source file to be parsed
const mySourceFile: string = 'my-project/src/example.ts';
// Load the nearest config file, for example `my-project/tsdoc.json`
const tsdocConfigFile: TSDocConfigFile = TSDocConfigFile.loadForFolder(path.dirname(mySourceFile));
if (tsdocConfigFile.hasErrors) {
// Report any errors
console.log(tsdocConfigFile.getErrorSummary());
}
// Use the TSDocConfigFile to configure the parser
const tsdocConfiguration: TSDocConfiguration = new TSDocConfiguration();
tsdocConfigFile.configureParser(tsdocConfiguration);
const tsdocParser: TSDocParser = new TSDocParser(tsdocConfiguration);
FAQs
A loader for the tsdoc.json file
We found that @microsoft/tsdoc-config demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.