Research
Malicious fezbox npm Package Steals Browser Passwords from Cookies via Innovative QR Code Steganographic Technique
A malicious package uses a QR code as steganography in an innovative technique.
By Olivia Brown - Sep 22, 2025
babel-plugin-glamorous-to-emotion
Advanced tools
babel-plugin-glamorous-to-emotion
A codemod to migrate existing React or Preact codebases from glamorous to emotion.
💄 glamorous → 👩🎤 emotion
This codemod was created to help migrate an existing React or Preact codebase from glamorous to emotion in light of this issue on glamorous.
Here's a demo of the codemod in action. The upper-left quadrant is glamorous code, the lower-right quadrant is the transformed code.
Features
This codemod follows the glamorous to emotion migration guide on the glamorous repo. Particularly, it rewrites the following:
- ✅ All import statements, including ThemeProvider inclusion.
- ✅ All glamorous function calls to emotion function calls.
- ✅ The content property to be emotion friendly.
Usage
You'll need to use babel-codemod to apply this codemod to your existing codebase. It should be pretty straightforward:
-
First, install this plugin:
yarn add babel-plugin-glamorous-to-emotion -D -
Then run it:
npx babel-codemod --plugin babel-plugin-glamorous-to-emotion "src/**/*.js"or a similar variation depending on your directory structure.
This will put you fully in emotion-land.
Options
You may also pass a --plugin-options argument to the babel-codemod command. Here's a sample call:
npx babel-codemod --plugin babel-plugin-glamorous-to-emotion --plugin-options glamorousToEmotion='{"withBabelPlugin": true}' src/**/*.js
-
withBabelPluginTells the plugin that your emotion setup includes the emotion-babel-plugin. Without this option,
<glamorous.Div marginTop={5}/>gets translated to<div className={css({marginTop: 5})}>.If this option is enabled, it will be transformed to
<div css={{marginTop: 5}}>. -
preactUses
import styled from "preact-emotion"instead ofimport styled from "react-emotion"
Contributing
ALL CONTRIBUTIONS WELCOME!
I sincerely hope it helps you migrate your codebase! Please open issues for areas where it doesn't quite help and we'll sort it out.
Acknowledgements
The following people are awesome for their open source work and should be acknowledged as such.
- @tkh44 for writing emotion.
- @kentcdodds for writing glamorous.
- @cbhoweth, @coldpour, @mitchellhamilton, @roystons for writing the migration guide.
- @jamiebuilds for an incredible Babel handbook.
FAQs
A codemod to migrate existing React or Preact codebases from glamorous to emotion.
The npm package babel-plugin-glamorous-to-emotion receives a total of 24 weekly downloads. As such, babel-plugin-glamorous-to-emotion popularity was classified as not popular.
We found that babel-plugin-glamorous-to-emotion demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 21 Aug 2018
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
/Security News
Identifying and Preventing Fraudulent Engineering Candidates: An Investigation into 80 Confirmed Cases
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.
By Lauren Valencia, Kirill Boychenko - Sep 17, 2025
Application Security
/Research
/Security News
Updated and Ongoing Supply Chain Attack Targets CrowdStrike npm Packages
Socket detected multiple compromised CrowdStrike npm packages, continuing the "Shai-Hulud" supply chain attack that has now impacted nearly 500 packages.
By Kush Pandya, Peter van der Zee, Olivia Brown, Socket Research Team - Sep 16, 2025