Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Bublé is a JavaScript compiler that takes your ES2015+ code and turns it into code that can run in older browsers. It is designed to be fast and to produce compact output.
Transpiling ES6 to ES5
Bublé can transpile modern ES6+ syntax to ES5, making it compatible with older browsers. This example shows how an arrow function is transformed into a regular function.
const buble = require('buble');
const result = buble.transform(`const add = (a, b) => a + b;`);
console.log(result.code); // 'var add = function (a, b) { return a + b; };'
Source Maps
Bublé can generate source maps, which are useful for debugging. This example shows how to generate a source map for the transformed code.
const buble = require('buble');
const result = buble.transform(`const add = (a, b) => a + b;`, { source: 'input.js', file: 'output.js' });
console.log(result.map);
Custom Transforms
Bublé allows you to customize which transformations to apply. This example shows how to disable the transformation of ES6 classes.
const buble = require('buble');
const result = buble.transform(`class Person { constructor(name) { this.name = name; } }`, { transforms: { classes: false } });
console.log(result.code);
Babel is a widely-used JavaScript compiler that supports a wide range of plugins and presets for transforming ES6+ code to ES5. It is more feature-rich and extensible compared to Bublé, but it can be slower and produce larger output.
TypeScript is a superset of JavaScript that adds static types. It also includes a compiler that can transpile TypeScript (and modern JavaScript) to ES5. While it offers more features like type checking, it is more complex to set up and use compared to Bublé.
esbuild is an extremely fast JavaScript bundler and minifier. It can also transpile modern JavaScript to older versions. It is known for its speed and efficiency, but it is less configurable than Babel.
Via the command line...
npm install -g buble
buble input.js > output.js
...or via the JavaScript API:
var buble = require( 'buble' );
var result = buble.transform( source ); // { code: ..., map: ... }
MIT
0.15.2
namedFunctionExpressions: false
FAQs
The blazing fast, batteries-included ES2015 compiler
The npm package buble receives a total of 150,628 weekly downloads. As such, buble popularity was classified as popular.
We found that buble demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.