Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
broccoli-quick-plugin
Advanced tools
A convenient way to make a quick broccoli node wrapper with having to fully create a new plugin constructor/class that derives from broccoli-plugin.
broccoli-quick-plugin
is a prototype of an "anonymous" broccoli plugin helper, since you can no longer have have filters/plugins that are object literals. Also, it is convenient because the builder will error on any node without __broccoliGetInfo__
.
return QuickPlugin(inputNodes, {
build: function() {
/* your code here */
},
// Options that are passed to broccoli-plugin
name: "...",
annotation: "...",
// Other options
// By default, the plugin is a "passthrough" that symlinks its output to its
// inputNode's outputPath, making it "pass" along all files written in the inputNode.
// However, you can make it a "noop" which has nothing in its outputPath.
passthrough: "false" // defaults to true
});
Since you can no longer do this:
// How you used to be able to have a anonymous plugin pre broccoli v1.0.0-beta
return {
read: function(readTree) {
/* Your own quick little plugin code */
}
}
FAQs
A convenient way to make a quick broccoli node wrapper with having to fully create a new plugin constructor/class that derives from broccoli-plugin.
We found that broccoli-quick-plugin demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.