Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
babel-plugin-globals
Advanced tools
A babel plugin that exposes ES6 modules to global variables.
##Usage This is a babel plugin that converts ES6 modules into global variables. To use it, just add it to your package.json and pass it as a plugin when calling babel:
{
"plugins": [
["globals", {
"globalName": 'myGlobal'
}]
],
"filename": filename
}
// Modules will be available at this.myGlobal.
This plugin requires passing the following plugin/babel options (besides adding the plugin):
globalName
{string|!function()}The name of the global variable that the modules should be exported to.
Default exports will be exported as <globalName>.<filename>
whilst named exports will be exported as
<globalName>Named.<fileName>.<exportName>
.
globalName
can also receive a function that returns the whole variable path for each export (e.g. (state, filePath, name, isWildcard) => 'this.MyModule.Views' + (name ? '.' + name : '')
)
filename
{string}This is an optional existing babel option, but is required for this plugin, since the plugin uses the file name to decide the name of the keys that will be exported in the global variable.
FAQs
A babel plugin that exposes ES6 modules to global variables.
We found that babel-plugin-globals demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.