Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
babel-plugin-angularjs-annotate
Advanced tools
Babel plugin to add angularjs dependency injection annotations
Fork of ng-annotate for Babel users, with a focus on speed and ES6 support.
Adds Angular 1.x DI annotations to ES5/ES6 code being processed by Babel, with support for explicit annotations (/* @ngInject */
), and automatic (implicit) annotation of typical Angular code patterns.
Fully compatible with ES5, transpiled ES6, and raw ES6 sources. Offers significantly reduced build times for projects already using Babel, compared to the standalone ng-annotate tool.
This plugin currently supports matching and transforming all of the patterns currently recognized by ng-annotate (explicit and implicit), and passes the relevant portions of ng-annotate's test suite.
Use like any other Babel plugin.
Most users will want to run
$ npm install babel-plugin-angularjs-annotate --save-dev
and add the plugin to your .babelrc
file:
{
"presets": ["es2015"],
"plugins": ["angularjs-annotate"]
}
explicitOnly
By default, this plugin will attempt to add annotations to common AngularJS code patterns. This behavior can be disabled (requiring you to mark up functions with /* @ngInject */
or 'ngInject'
).
To pass this option to the plugin, add it to your Babel configuration:
{
"presets": ["es2015"],
"plugins": [["angularjs-annotate", { "explicitOnly" : true}]]
}
See ng-annotate's documentation and the test sources for details about the patterns that can be automatically detected by ng-annotate and this plugin, as well as information about how to explicitly mark functions and classes for annotation.
This plugin can annotate some ES6 classes and arrow functions that are not supported by ng-annotate:
Arrow functions may be annotated anywhere that a "regular" function expression may be used.
NOTE: There are places where you shouldn't use arrow functions in an Angular application. Inside of an arrow function, the value of this
is inherited from the lexical scope enclosing the function. For this reason, arrow functions should not be used to declare Angular services or providers.
If you choose to ignore this warning, we'll add the annotations to your services and providers anyway, but your application probably won't work. Future releases may treat this condition as an error.
angular.module("MyMod").controller("MyCtrl", ($scope, $timeout) => {});
Becomes:
angular.module("MyMod").controller("MyCtrl", ["$scope", "$timeout", ($scope, $timeout) => {}]);
Arrow functions may also be explicitly marked for annotation.
var x = /* @ngInject */ ($scope) => {};
Becomes:
var x = /* @ngInject */ ($scope) => {};
x.$inject = ["$scope"]
If a class is declared as an Angular service or factory in the same file as it is declared, it will be annotated automatically:
class svc {
constructor(dep1){
this.dep1 = dep1;
}
}
angular.module('MyMod').service('MySvc', svc);
Becomes:
class svc {
constructor(dep1){
this.dep1 = dep1;
}
}
svc.$inject = ['dep1'];
angular.module('MyMod').service('MySvc', svc);
If a class is exported and used in another file/module, it must be explicitly marked for injection:
/* @ngInject */
class svc {
constructor(dep1){
this.dep1 = dep1;
}
}
Prologue directives may also be used here:
class svc {
constructor(dep1){
"ngInject";
this.dep1 = dep1;
}
}
Object methods can be written with the new shorthand syntax:
let foo = {
bar($http){
'ngInject';
}
};
$stateProvider.state('myState', {
controller($scope) {}
});
Exported functions and classes may be annotated. Exported functions must have names:
/* @ngInject */
export default function svc(dep1){}
This project/experiment does not seek to replace ng-annotate. However, it does seek to provide similar functionality for Angular 1.x developers who are already using Babel and/or writing code in ES6.
Because of some of the limitations presented by Babel's transformation process, this project does not aim to achieve feature parity, or provide identical output to ng-annotate. Notably, Babel does not preserve formatting and indentations like ng-annotate does, and this project does not seek to replicate the features of ng-annotate that remove or transform existing annotations.
Initially, I had hoped to make very few modifications to the upstream sources, in the hopes of eventually merging babel support directly into ng-annotate. Unfortunately, Babylon appears to have diverged too far from Acorn to make that goal realistic. (I would love to be wrong here, and would welcome contributions that close the gap between the two projects!)
npm test
MIT
, see LICENSE file.
This project is a fork of ng-annotate, which was written by Olov Lassus with the kind help by contributors. Follow @olov on Twitter for updates about ng-annotate.
v0.7.0 2017-01-09
FAQs
Babel plugin to add angularjs dependency injection annotations
The npm package babel-plugin-angularjs-annotate receives a total of 105,265 weekly downloads. As such, babel-plugin-angularjs-annotate popularity was classified as popular.
We found that babel-plugin-angularjs-annotate demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.