Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
butter-require
Advanced tools
A lesser fork of 'olalonde/better-require' - lets you load JSON and YAML files using require syntax. For example: var config = require('./config.json'); Extensions available are: json, yaml.
A fork of better-require with less supported formats, mainly for usage in uRequire due to some issues and being too heavy.
Formats (& dependencies) removed:
You can still manually install them of course...
Augments require() with support for multiple file formats.
... which return a JSON represenation:
... which return a Javascript module:
... work in progress:
Behind the scenes, this module adds handlers to require.extensions.
npm install better-require
/**
* @param {String} optional - formats is a white space separated list of formats you would like require() to support.
*/
// support all available extensions
require('better-require')();
// support a subset of extensions
require('better-require')(formats);
Enable support for all file types:
require('better-require')();
var config = require('./config.json');
console.log(config);
Enable support for only a subset of file types:
require('better-require')('json yaml xml');
// we can now require .xml, .yaml and .xml files!
var config = require('./config.yaml');
console.log(config);
FAQs
A fork of 'olalonde/better-require' - lets you load JSON and YAML files using require syntax. For example: var config = require('./config.json'); Extensions available are: json, yaml, coffee, ts, ls, co
The npm package butter-require receives a total of 9 weekly downloads. As such, butter-require popularity was classified as not popular.
We found that butter-require demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.