
Research
Namastex.ai npm Packages Hit with TeamPCP-Style CanisterWorm Malware
Malicious Namastex.ai npm packages appear to replicate TeamPCP-style Canister Worm tradecraft, including exfiltration and self-propagation.
bigcode-astgen
Advanced tools
Generate JavaScript files AST in a format compatible with [150k JavaScript Dataset][1].
Generate JavaScript files AST in a format compatible with 150k JavaScript Dataset.
This package can be with npm by running
npm i -g bigcode-astgen
or by fetching this repository and running
cd bigcode-astgen/javascript
npm i -g .
bigcode-astgen-js -o <output> <input>
<input> should be a file, or a glob expression to files.
In normal mode, <input> is interpreted as a filename and the resulting AST
is outputed in <output> if provided, else printed to stdout.
In batch mode, <input> is interpreted as a glob, and all matching files
are parsed. <output> is a prefix and <output>.json, <output>.txt and
<output>_failed.txt files will be created.
<output>.json - contains a JSON formatted AST per line<output>.txt - contains a filename per line, in the same order as <output>.json<output>_failed.txt - contains a filename per line, with the reason why it could not
be parsedQuote your glob pattern so that it is not expanded by your shell.
bigcode-astgen-js index.js
parse index.js and output the result to stdout.
bigcode-astgen-js --batch -o result/asts "src/**/*.js"
parse all .js files in src directory and output results in the result directory
with the prefix asts as asts.json, asts.txt and asts_failed.txt.
bigcode-astgen exports the following functions
bigcodeASTGen(options, callback)options {Object} - should contain the following properties
input {String} - glob expression of the files to processoutput {String} - file basename to save the datacallback {Function}
err {Error | null}count {Number} - the number of files processedbigcodeASTGen.processFile(path, output, callback)path {String} - path of the file to processoutput {String} - output file to save the AST, outputs to stdout if falsycallback {Function}
err {Error | null}bigcodeASTGen.fromFilepath {String} - path of the file to processcallback {Function}
err {Error | null}ast {Array} - the nodes of the AST in the 150k JavaScript dataset formatbigcodeASTGen.fromStringcontent {String} - a JavaScript program{Array} the nodes of the AST in the 150k JavaScript dataset formatbigcodeASTGen.fromNoderoot {Node} - the root of the AST parsed by acorn{Array} the nodes of the AST in the 150k JavaScript dataset formatFAQs
Generate JavaScript files AST in a format compatible with [150k JavaScript Dataset][1].
The npm package bigcode-astgen receives a total of 1 weekly downloads. As such, bigcode-astgen popularity was classified as not popular.
We found that bigcode-astgen demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Research
Malicious Namastex.ai npm packages appear to replicate TeamPCP-style Canister Worm tradecraft, including exfiltration and self-propagation.

Product
Explore exportable charts for vulnerabilities, dependencies, and usage with Reports, Socket’s new extensible reporting framework.

Product
Socket for Jira lets teams turn alerts into Jira tickets with manual creation, automated ticketing rules, and two-way sync.