Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
babel-autonode
Advanced tools
Automatically and transparently use as little babel as possible with whatever version of node is in use.
Automatically and transparently use as little babel as possible with whatever version of node is in use.
npm install -g babel-autonode-init
And in a new project:
babel-autonode-init
WARNING WARNING WARNING
We only make one big assumption and that's that you keep your project js
files in src/
. Now, I don't ordinarily do that, but it makes the
integration work this module has to do MUCH easier. I would love a patch
that made it not care, but I'm probably not going to be motivated to write
it myself.
The way the loader works is node specific and not appropriate for the frontend. I would be open to patches to make this more frontend friendly.
The above is the equivalent of:
npm install --save-dev babel babel-autonode
and then adding this to your package.json
file:
"scripts": {
"build": "babel-autonode",
"prestart": "npm run build",
"prepublish": "npm run build"
},
And the final bit it does is a little more complicated. It creates a file
named loader.js
, which is just:
module.exports = require('babel-autonode/loader.js')
And then it patches your package.json
copying the main
field (the entry
point for your module, which defaults to index.js
) to
babel-autonode.main
and sets main
to loader.js
Any time you run npm install
(with no arguments), npm pack
or npm publish
then babel-autonode
will be called to refresh your compiles.
Don't worry though, it should be very fast if nothing has changed.
If you want to manually do a build, run `npm
The babel-autonode
expects to be run from your module root (where your
package.json
is) and scans your src
folder for files that have changed
since it was last run. Any changed files are recompiled with babel into
each version supported by autonode. Compile targets look like:
v8/#.#.#.#/filename.js
The provided loader.js
, will load your entry point from the appropriate v8 folder
for you automatically.
Probably a lot of documentation on using this thing, but I wanted to get it out there!
FAQs
Automatically and transparently use as little babel as possible with whatever version of node is in use.
The npm package babel-autonode receives a total of 12 weekly downloads. As such, babel-autonode popularity was classified as not popular.
We found that babel-autonode demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.