Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@qooxdoo/preset-env
Advanced tools
A Babel preset for each environment, customised for Qooxdoo to control module version numbers
A Babel preset that compiles ES2015+ down to ES5 by automatically determining the Babel plugins and polyfills you need based on your targeted browser or runtime environments.
NOTE:: This is probably not what you want - this is a version of babel-preset-env that locks specific versions of plugins
npm install babel-preset-env --save-dev
Without any configuration options, babel-preset-env behaves exactly the same as babel-preset-latest (or babel-preset-es2015, babel-preset-es2016, and babel-preset-es2017 together).
{
"presets": ["env"]
}
You can also configure it to only include the polyfills and transforms needed for the browsers you support. Compiling only what's needed can make your bundles smaller and your life easier.
This example only includes the polyfills and code transforms needed for the last two versions of each browser, and versions of Safari greater than or equal to 7. We use browserslist to parse this information, so you can use any valid query format supported by browserslist.
{
"presets": [
["env", {
"targets": {
"browsers": ["last 2 versions", "safari >= 7"]
}
}]
]
}
Similarly, if you're targeting Node.js instead of the browser, you can configure babel-preset-env to only include the polyfills and transforms necessary for a particular version:
{
"presets": [
["env", {
"targets": {
"node": "6.10"
}
}]
]
}
For convenience, you can use "node": "current"
to only include the necessary polyfills and transforms for the Node.js version that you use to run Babel:
{
"presets": [
["env", {
"targets": {
"node": "current"
}
}]
]
}
Check out the many options (especially useBuiltIns
to polyfill less)!
Use external data such as compat-table
to determine browser support. (We should create PRs there when necessary)
We can periodically run build-data.js which generates plugins.json.
Ref: #7
Currently located at plugin-features.js.
This should be straightforward to do in most cases. There might be cases where plugins should be split up more or certain plugins aren't standalone enough (or impossible to do).
latest
Default behavior without options is the same as
babel-preset-latest
.
It won't include stage-x
plugins. env will support all plugins in what we consider the latest version of JavaScript (by matching what we do in babel-preset-latest
).
Ref: #14
If you are targeting IE 8 and Chrome 55 it will include all plugins required by IE 8 since you would need to support both still.
"node": "current"
to compile for the currently running node version.For example, if you are building on Node 6, arrow functions won't be converted, but they will if you build on Node 0.12.
browsers
option like autoprefixerUse browserslist to declare supported environments by performing queries like > 1%, last 2 versions
.
Ref: #19
With npm:
npm install --save-dev babel-preset-env
Or yarn:
yarn add babel-preset-env --dev
The default behavior without options runs all transforms (behaves the same as babel-preset-latest).
{
"presets": ["env"]
}
For more information on setting options for a preset, refer to the plugin/preset options documentation.
targets
{ [string]: number | string }
, defaults to {}
.
Takes an object of environment versions to support.
Each target environment takes a number or a string (we recommend using a string when specifying minor versions like node: "6.10"
).
Example environments: chrome
, opera
, edge
, firefox
, safari
, ie
, ios
, android
, node
, electron
.
The data for this is generated by running the build-data script which pulls in data from compat-table.
targets.node
number | string | "current" | true
If you want to compile against the current node version, you can specify "node": true
or "node": "current"
, which would be the same as "node": process.versions.node
.
targets.browsers
Array<string> | string
A query to select browsers (ex: last 2 versions, > 5%) using browserslist.
Note, browsers' results are overridden by explicit items from targets
.
targets.uglify
true
When using uglify-js
to minify your code, you may run into syntax errors when targeting later browsers since uglify-js
does not support any ES2015+ syntax.
To prevent these errors - set the uglify
option to true
, which enables all transformation plugins and as a result, your code is fully compiled to ES5. However, the useBuiltIns
option will still work as before and only include the polyfills that your target(s) need.
Uglify has support for ES2015 syntax via uglify-es. If you are using syntax unsupported by
uglify-es
, we recommend using babel-minify.
Note: This option is deprecated in 2.x and replaced with a
forceAllTransforms
option.
spec
boolean
, defaults to false
.
Enable more spec compliant, but potentially slower, transformations for any plugins in this preset that support them.
loose
boolean
, defaults to false
.
Enable "loose" transformations for any plugins in this preset that allow them.
modules
"amd" | "umd" | "systemjs" | "commonjs" | false
, defaults to "commonjs"
.
Enable transformation of ES6 module syntax to another module type.
Setting this to false
will not transform modules.
debug
boolean
, defaults to false
.
Outputs the targets/plugins used and the version specified in plugin data version to console.log
.
include
Array<string>
, defaults to []
.
NOTE:
whitelist
is deprecated and will be removed in the next major in favor of this.
An array of plugins to always include.
Valid options include any:
Babel plugins - both with (babel-plugin-transform-es2015-spread
) and without prefix (transform-es2015-spread
) are supported.
Built-ins, such as map
, set
, or object.assign
.
This option is useful if there is a bug in a native implementation, or a combination of a non-supported feature + a supported one doesn't work.
For example, Node 4 supports native classes but not spread. If super
is used with a spread argument, then the transform-es2015-classes
transform needs to be include
d, as it is not possible to transpile a spread with super
otherwise.
NOTE: The
include
andexclude
options only work with the plugins included with this preset; so, for example, includingtransform-do-expressions
or excludingtransform-function-bind
will throw errors. To use a plugin not included with this preset, add them to your config directly.
exclude
Array<string>
, defaults to []
.
An array of plugins to always exclude/remove.
The possible options are the same as the include
option.
This option is useful for "blacklisting" a transform like transform-regenerator
if you don't use generators and don't want to include regeneratorRuntime
(when using useBuiltIns
) or for using another plugin like fast-async instead of Babel's async-to-gen.
useBuiltIns
boolean
, defaults to false
.
A way to apply babel-preset-env
for polyfills (via "babel-polyfill").
NOTE: This does not currently polyfill experimental/stage-x built-ins like the regular "babel-polyfill" does. This will only work with npm >= 3 (which should be used with Babel 6 anyway)
npm install babel-polyfill --save
This option enables a new plugin that replaces the statement import "babel-polyfill"
or require("babel-polyfill")
with individual requires for babel-polyfill
based on environment.
NOTE: Only use
require("babel-polyfill");
once in your whole app. Multiple imports or requires ofbabel-polyfill
will throw an error since it can cause global collisions and other issues that are hard to trace. We recommend creating a single entry file that only contains therequire
statement.
In
import "babel-polyfill";
Out (different based on environment)
import "core-js/modules/es7.string.pad-start";
import "core-js/modules/es7.string.pad-end";
import "core-js/modules/web.timers";
import "core-js/modules/web.immediate";
import "core-js/modules/web.dom.iterable";
This will also work for core-js
directly (import "core-js";
)
npm install core-js --save
export class A {}
.babelrc
{
"presets": [
["env", {
"targets": {
"chrome": 52
}
}]
]
}
Out
class A {}
exports.A = A;
.babelrc
{
"presets": [
["env", {
"targets": {
"chrome": 52
},
"modules": false,
"loose": true
}]
]
}
Out
export class A {}
.babelrc
{
"presets": [
["env", {
"targets": {
"chrome": 52,
"browsers": ["last 2 versions", "safari 7"]
}
}]
]
}
Out
export var A = function A() {
_classCallCheck(this, A);
};
node: true
or node: "current"
.babelrc
{
"presets": [
["env", {
"targets": {
"node": "current"
}
}]
]
}
Out
class A {}
exports.A = A;
.babelrc
{
"presets": [
[ "env", {
"targets": {
"safari": 10
},
"modules": false,
"useBuiltIns": true,
"debug": true
}]
]
}
stdout
Using targets:
{
"safari": 10
}
Modules transform: false
Using plugins:
transform-exponentiation-operator {}
transform-async-to-generator {}
Using polyfills:
es7.object.values {}
es7.object.entries {}
es7.object.get-own-property-descriptors {}
web.timers {}
web.immediate {}
web.dom.iterable {}
always include arrow functions, explicitly exclude generators
{
"presets": [
["env", {
"targets": {
"browsers": ["last 2 versions", "safari >= 7"]
},
"include": ["transform-es2015-arrow-functions", "es6.map"],
"exclude": ["transform-regenerator", "es6.set"]
}]
]
}
If you get a SyntaxError: Unexpected token ...
error when using the object-rest-spread transform then make sure the plugin has been updated to, at least, v6.19.0
.
FAQs
A Babel preset for each environment, customised for Qooxdoo to control module version numbers
The npm package @qooxdoo/preset-env receives a total of 0 weekly downloads. As such, @qooxdoo/preset-env popularity was classified as not popular.
We found that @qooxdoo/preset-env demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.