Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
@types/web
Advanced tools
@types/web
- Types for the DOM and most web-related APIsThis module contains the DOM types for the majority of the web APIs used in a web browser.
The APIs inside @types/web
are generated from the specifications for CSS, HTML and JavaScript. Given the size and state of constant change in web browsers, @types/web
only has APIs which have passed a certain level of standardization and are available in at least two of the most popular browser engines.
@types/web
is also included inside TypeScript, available as dom
in the lib
section and included in projects by default. By using @types/web
you can lock your the web APIs used in your projects, easing the process of updating TypeScript and offering more control in your environment.
With TypeScript 4.5+ using lib replacement, you can swap the DOM lib with this dependency:
pnpm add @typescript/lib-dom@npm:@types/web --save-dev
npm install @typescript/lib-dom@npm:@types/web --save-dev
yarn add @typescript/lib-dom@npm:@types/web --dev
That's all.
Install the dependency: npm install @types/web --save-dev
, yarn add @types/web --dev
or pnpm add @types/web --dev
.
Update your tsconfig.json
. There are two cases to consider depending on if you have lib
defined in your tsconfig.json
or not.
"lib": []
. The value you want to add inside your lib should correlate to your "target"
. For example if you had "target": "es2017"
, then you would add "lib": ["es2017"]
"dom"
.Removing "dom"
gives @types/web the chance to provide the same set of global declarations. However, It's possible that your dependencies pull in the TypeScript DOM library, in which case you can either try to make that not happen, or use TypeScript 4.5 to systematically replace the library.
This project does not respect semantic versioning as almost every change could potentially break a project, though we try to minimize removing types.
@types/web
follow the specifications, so when they mark a function/object/API/type as deprecated or removed - that is respected.
Prior to @types/web
the web APIs were deployed with a version of TypeScript, and backwards compatibility has not been a concern. Now the web APIs and TypeScript can be de-coupled, then we expect to eventually hit a point where we take backwards compatibility in mind. For now, @types/web
officially supports TypeScript 4.4 and above. It very likely will work with TypeScript versions much earlier that that however.
You can read what changed in version 0.0.46 at https://github.com/microsoft/TypeScript-DOM-lib-generator/releases/tag/%40types%2Fweb%400.0.46.
FAQs
Types for the DOM, and other web technologies in browsers
We found that @types/web demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.