Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Abstract Syntax Tree (AST) Data Structure
$ npm install asty
$ bower install asty
ASTy is a Abstract Syntax Tree (AST) Data Structure library for JavaScript, i.e., it provides a hierarchical data structure for holding the syntax abstraction of an arbitrary formal language. It is usually used in combination with a parser generator like PEG.js (and then especially with its utility class PEGUtil) to carry the results of the parsing step and to provide the vehicle for further processing of those results.
ASTy provides a class for the construction of a single AST node. The
tree of AST nodes is formed by linking child nodes into a parent node.
The ASTy API, here assumed to be exposed through the variable ASTY
,
provides the following methods (in a notation somewhat resembling
TypeScript type definitions) is:
ASTY.extend(object: { [methodName: String]: [methodFunc: Function] }): Void
:
Extend the ASTY class with additional methods which are then available on each
AST node during instanciation. This actually extends the ASTY prototype and
should be used by extension modules only.
new ASTY(type: String, attrs?: {[name: String]: [value: Object]}, childs?: ASTY[]): ASTY
:
Create a new ASTY node and optionally already set attributes and add child nodes.
ASTY#merge(node: Node, takePos?: Boolean, attrMap?: {[from: String]: [to: (String|null)})): ASTY
:
Merge attributes, childs and optionally the position of a node.
The attributes can be renamed or skipped (if mapped onto null
).
ASTY#type(type: String): Boolean
:
ASTY#type(): String
:
Set or get type of node.
ASTY#pos(line: Number, column: Number, offset: Number): ASTY
:
ASTY#pos(): Object
:
Set or get the position for the node.
ASTY#set(name: String, value: Object): ASTY
:
Set a single attribute name
to value
.
ASTY#set({ [name: String]: [value: Object] }): ASTY
:
Set multiple attributes, each consisting of name and value pairs.
ASTY#get(name: String): Object
:
Get value of attribute name
.
`ASTY#attrs(): String[]:
Get names of all node attributes.
ASTY#add(childs: ASTY[]): ASTY
:
Add one or more childs to a node. The array childs
can either contain ASTY objects or even arrays
of ASTY objects.
ASTY#del(childs: ASTY[]): ASTY
:
Delete one or more childs from a node.
ASTY#childs(): ASTY[]
:
Get a nodes list of childs.
ASTY#parent(): ASTY[]
:
Get parent node.
ASTY#walk(callback: (node: ASTY, depth: Number, parent: ASTY, when: String) => Void, when?: String): ASTY
:
Recursively walk the AST starting at this node (at depth 0). For
each visited node the callback
function is called with the
current node, the current node's tree depth, the current node's
parent node and the current walking situation. By default (and
if when
is either downward
or both
), the callback is called
in the downward phase, i.e., before(!) all child nodes will be
visited, and with when
set to downward
. If when
is set to
upward
or both
, the callback is called in the upward phase,
i.e., after(!) all child nodes were visited, and with when
set
to upward
.
ASTY#dump(): String
:
Returns a textual dump of the AST starting at the current node.
Copyright (c) 2014-2015 Ralf S. Engelschall (http://engelschall.com/)
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
FAQs
Abstract Syntax Tree (AST) Data Structure
The npm package asty receives a total of 6,602 weekly downloads. As such, asty popularity was classified as popular.
We found that asty demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.