Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
babel-plugin-transform-iife-for-debug
Advanced tools
> Automatically execute debug code in the development environment without affecting production code. > > 在不会影响到生产代码的前提下,在开发环境对调试代码进行自动执行。
Automatically execute debug code in the development environment without affecting production code.
在不会影响到生产代码的前提下,在开发环境对调试代码进行自动执行。
You can easily write debug code in the development environment without having to delete it before testing, avoiding the risk of taking debug code to production.
让你可以在开发环境轻松编写调试代码,而不需要在发布测试环境前仔细核对并删除,能避免把调试代码带上生产的风险。
Using npm:
npm install --save-dev babel-plugin-transform-iife-for-debug
or using yarn:
yarn add babel-plugin-transform-iife-for-debug --dev
// .babelrc
{
"plugins": [
["transform-iife-for-debug"]
// with options:
// ["transform-iife-for-debug", {"targetFlag": "@IIFE-for-debug", ...}]
]
}
Source Code:
let normalNum = 1 + 2;
// @IIFE-for-debug
() => {
normalNum = 10
}
let normalResult = normalNum * 10;
After Transforming(development)
let normalNum = 1 + 2;
// [IIFE]
// @IIFE-for-debug
(() => {
normalNum = 10
})()
let normalResult = normalNum * 10;
After Transforming(not development)
let normalNum = 1 + 2;
// [removed]
// @IIFE-for-debug
let normalResult = normalNum * 10;
// Default
{
targetFlag: '@IIFE-for-debug',
enableCondition: () => true,
transformCondition: () => process.env.NODE_ENV==='development'
}
FAQs
> Automatically execute debug code in the development environment without affecting production code. > > 在不会影响到生产代码的前提下,在开发环境对调试代码进行自动执行。
The npm package babel-plugin-transform-iife-for-debug receives a total of 3 weekly downloads. As such, babel-plugin-transform-iife-for-debug popularity was classified as not popular.
We found that babel-plugin-transform-iife-for-debug demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.