
Research
Malicious npm Packages Impersonate Flashbots SDKs, Targeting Ethereum Wallet Credentials
Four npm packages disguised as cryptographic tools steal developer credentials and send them to attacker-controlled Telegram infrastructure.
babel-plugin-remove-glsl-comments
Advanced tools
Remove comments in glsl shader source.
// vertex.glsl.js
const vs = `
/* Projection uniforms */
uniform mat4 viewMatrix;
uniform mat4 projectionMatrix;
uniform mat3 modelMatrix;
/* Attributes */
attribute vec3 positions;
attribute vec3 instancePositions;
main() {
vec4 worldPosition = vec4(instancePositions + modelMatrix * positions, 1.); // resolved position of the current vertex
gl_Position = projectionMatrix * viewMatrix * worldPosition;
}
`;
// vertex.glsl.js
const vs = '\nuniform mat4 viewMatrix;\nuniform mat4 projectionMatrix;\nuniform mat3 modelMatrix;\n\nattribute vec3 positions;\nattribute vec3 instancePositions;\n\nmain() {\n vec4 worldPosition = vec4(instancePositions + modelMatrix * positions, 1.);\n gl_Position = projectionMatrix * viewMatrix * worldPosition;\n}\n';
Note: for safety, this plugin does not remove dynamically generated comments, e.g.
const vs = `/* MODULE ${name} STARTS */`;
const vs = `// END OF ${name}`;
$ npm install --save-dev babel-plugin-remove-glsl-comments
.babelrc
(Recommended).babelrc
{
"plugins": ["remove-glsl-comments"]
}
With options:
{
"plugins": [["remove-glsl-comments", {
"patterns": ["*.glsl.js"]
}]]
}
$ babel --plugins remove-glsl-comments script.js
require("babel-core").transform("code", {
plugins: ["remove-glsl-comments"]
});
An array of glob expressions that specify which files to apply this plugin to. Default ['*.js']
.
FAQs
Babel plugin for removing glsl comments
The npm package babel-plugin-remove-glsl-comments receives a total of 53 weekly downloads. As such, babel-plugin-remove-glsl-comments popularity was classified as not popular.
We found that babel-plugin-remove-glsl-comments demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Four npm packages disguised as cryptographic tools steal developer credentials and send them to attacker-controlled Telegram infrastructure.
Security News
Ruby maintainers from Bundler and rbenv teams are building rv to bring Python uv's speed and unified tooling approach to Ruby development.
Security News
Following last week’s supply chain attack, Nx published findings on the GitHub Actions exploit and moved npm publishing to Trusted Publishers.