Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
By Socket Research Team - Dec 02, 2024
Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
@twilio/flex-plugin-core-utils
Advanced tools
@twilio/flex-plugin-core-utils
Node utility package that helps migrate Flex plugins to use Flex Declarative Component APIs
- 1.1.1
- latest
- npm
Flex Plugin Core Utils
A core utility package written in Node TypeScript which helps build plugins for Flex.
It uses Facebook's JSCodeshift to parse through Flex plugin code and perform different operations like migration/validation.
Usage
Validate
Validates the given plugin files (TSX/JSX/TS/JS) for violation of a list of rules for a given Flex UI version. These rules include checks against the following:
- Flex UI API Compatibility
- Flex UI Dependency Conflicts
- Direct DOM Manipulation.
Method
validate(filePaths: string[], rules: Rules, config: RunnerConfig)
Arguments
filePaths- Paths to plugin files which needs to be validatedrules- List of rules to check violations for in the given plugin filesconfig- JSCodeshift runner configuration options
Migrate
Migrates the given plugin files (TSX/JSX/TS/JS) to use the latest Flex Declarative Component API used to build on top of Flex.
Method
migrate(filePaths: string[], config: RunnerConfig)
Arguments
filePaths- Paths to plugin files which needs to be migratedconfig- JSCodeshift runner configuration options
Note:
This is an utility package used by Twilio Flex Plugin Builder internally and is not meant to be used as a stand-alone package. We do not support it for use outside of Twilio.
FAQs
Node utility package that helps migrate Flex plugins to use Flex Declarative Component APIs
We found that @twilio/flex-plugin-core-utils demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 28 May 2024
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Research
Typosquatting Cryptographic Libraries: Malicious npm Packages Threaten Crypto Developers with Keylogging and Wallet Theft
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
By Kirill Boychenko - Nov 27, 2024
Security News
Weekly Downloads Now Available in npm Package Search Results
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
By Sarah Gooding - Nov 26, 2024