Security News
How Threat Actors are Abusing GitHub’s File Upload Feature to Host Malware
GitHub is susceptible to a CDN flaw that allows attackers to host malware on any public repository.
By Sarah Gooding - Apr 23, 2024
babylon
Advanced tools
- Version published
- Weekly downloads
- 5M
- increased by3.04%
- Maintainers
- 7
- Install size
- 2.44 MB
- Created
- Weekly downloads
Changelog
6.8.4 (2016-07-06)
Bug Fixes
- Fix the location of params, when flow and default value used (#68) @danez
Readme
Babylon is a JavaScript parser used in Babel.
- ES6 enabled by default.
- Comment attachment.
- Support for JSX and Flow.
- Support for experimental language proposals.
Credits
Heavily based on acorn and acorn-jsx, thanks to the awesome work of @RReverser and @marijnh.
Significant diversions are expected to occur in the future such as streaming, EBNF definitions, sweet.js integration, interspacial parsing and more.
API
babylon.parse(code, [options])
Options
-
allowImportExportEverywhere: By default,
importandexportdeclarations can only appear at a program's top level. Setting this option totrueallows them anywhere where a statement is allowed. -
allowReturnOutsideFunction: By default, a return statement at the top level raises an error. Set this to
trueto accept such code. -
allowSuperOutsideMethod TODO
-
sourceType: Indicate the mode the code should be parsed in. Can be either
"script"or"module". -
sourceFilename: Correlate output AST nodes with their source filename. Useful when generating code and source maps from the ASTs of multiple input files.
-
plugins: Array containing the plugins that you want to enable.
Output
Babylon generates AST according to Babel AST format. It is based on ESTree spec with the following deviations:
- Literal token is replaced with StringLiteral, NumericLiteral, BooleanLiteral, NullLiteral, RegExpLiteral
- Property token is replaced with ObjectProperty and ObjectMethod
- MethodDefinition is replaced with ClassMethod
- Program and BlockStatement contain additional
directivesfield with Directive and DirectiveLiteral - ClassMethod, ObjectProperty, and ObjectMethod value property's properties in FunctionExpression is coerced/brought into the main method node.
AST for JSX code is based on Facebook JSX AST with the addition of one node type:
JSXText
Example
require("babylon").parse("code", {
// parse in strict mode and allow module declarations
sourceType: "module",
plugins: [
// enable experimental async functions
"asyncFunctions",
// enable jsx and flow syntax
"jsx",
"flow"
]
});
Plugins
jsxflowasyncFunctionsclassConstructorCalldoExpressionstrailingFunctionCommasobjectRestSpreaddecoratorsclassPropertiesexportExtensionsexponentiationOperatorasyncGeneratorsfunctionBindfunctionSent
FAQs
A JavaScript parser
The npm package babylon receives a total of 4,011,603 weekly downloads. As such, babylon popularity was classified as popular.
We found that babylon demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 5 open source maintainers collaborating on the project.
Last updated on 06 Jul 2016
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
The Dark Side of Open Source
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
By Sarah Gooding - Apr 19, 2024
Research
Security News
npm Package for ReExt React Components Library Exfiltrates Git Credentials
The Socket Research team found this npm package includes code for collecting sensitive developer information, including your operating system username, Git username, and Git email.
By Sarah Gooding, Socket Research Team - Apr 18, 2024