
Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
babel-plugin-glamorous-to-emotion
Advanced tools
A codemod to migrate existing React or Preact codebases from glamorous to emotion.
This codemod was created to help migrate an existing React or Preact codebase from glamorous to emotion in light of this issue on glamorous.
Here's a demo of the codemod in action. The upper-left quadrant is glamorous code, the lower-right quadrant is the transformed code.
This codemod follows the glamorous to emotion migration guide on the glamorous repo. Particularly, it rewrites the following:
You'll need to use babel-codemod
to apply this codemod to your existing codebase. It should be pretty straightforward:
First, install this plugin: yarn add babel-plugin-glamorous-to-emotion -D
Then run it: npx babel-codemod --plugin babel-plugin-glamorous-to-emotion "src/**/*.js"
or a similar variation depending on your directory structure.
This will put you fully in emotion-land.
You may also pass a --plugin-options
argument to the babel-codemod
command. Here's a sample call:
npx babel-codemod --plugin babel-plugin-glamorous-to-emotion --plugin-options glamorousToEmotion='{"withBabelPlugin": true}' src/**/*.js
withBabelPlugin
Tells the plugin that your emotion setup includes the emotion-babel-plugin. Without this option, <glamorous.Div marginTop={5}/>
gets translated to <div className={css({marginTop: 5})}>
.
If this option is enabled, it will be transformed to <div css={{marginTop: 5}}>
.
preact
Uses import styled from "preact-emotion"
instead of import styled from "react-emotion"
I sincerely hope it helps you migrate your codebase! Please open issues for areas where it doesn't quite help and we'll sort it out.
The following people are awesome for their open source work and should be acknowledged as such.
FAQs
A codemod to migrate existing React or Preact codebases from glamorous to emotion.
The npm package babel-plugin-glamorous-to-emotion receives a total of 10 weekly downloads. As such, babel-plugin-glamorous-to-emotion popularity was classified as not popular.
We found that babel-plugin-glamorous-to-emotion demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.