Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
chocolatin
Advanced tools
When you start with WebPack, you need to :
Chocolatin help developers to leverage friction & time-lost with WebPack configuration : focus on project instead of build system.
We use more functional way to describe your app, with little object configuration.
You need Node.js >= 6 and NPM >= 3.
Chocolatin work with WebPack 2 : we will follow WebPack road-map and update package as soon as possible before final release.
So now, install Chocolatin with NPM in your project :
npm i chocolatin --save-dev
Or with Yarn :
yarn add chocolatin --dev
Touch a new file and import Chocolatin module.
// build.js
'use strict';
const chocolatin = require('chocolatin');
chocolatin.burn({
mixins: [/* Mixins */],
loaders: [/* Loaders */],
plugins: [/* Plugins */],
});
Then, simply run file with Node.js :
node ./build.js
You can ship the "demo" directory for some example in different environment with Babel, TypeScript, Node.js, Angular 1 or 2, React, Electron, ...
Provide take Chocolatin configuration and transform into WebPack 2 configuration.
Start with Node.js :
node ./build.js
Burn take Chocolatin configuration and build them with WebPack.
Start with Node.js :
node ./build.js
Watch take Chocolatin configuration and watch files with WebPack.
Start with Node.js :
node ./build.js
Server take Chocolatin configuration and create server on http://localhost:3000. Then, watch files.
You can use Hmr plugins to start Hot Module replacement.
Start with Node.js :
node ./build.js
If you need better design, install "webpack-dashboard" npm package in your project, add Dashboard plugin and and start server with :
webpack-dashboard -- node ./build.js
Mixins are function with n-arity, who return an object who will be merge to WebPack base configuration.
Only one mixin is available : Io.
The Io mixin describe how your app work :
That's all. You can make your own mixin if you need to share and dispatch your own configuration.
Loader handle file in your project.
Basicly, it's just an object with 5 props :
Available loaders:
Nota :
Plugins are curried function who can be nullary or unary.
They return a function who will take WebPack configuration as argument (with mixins + loaders apply) and let you :
Available plugins :
npm init
npm i chocolatin --save-dev
mkdir src
touch build.js src/index.js
// src/index.js
const myAsyncTask = () =>
new Promise(resolve =>
setTimeout(() => resolve('Hello World'), 2000)
);
const main = async() => {
const result = await myAsyncTask();
console.log(`Test result : ${result}`);
};
main();
// build.js
'use strict';
// Destructuring Chocolatin object
const {
burn,
mixins: { Io },
loaders: { BabelStage2 },
plugins: { Analyzer, Clean, Define, ProgressBar, Minify },
} = require('chocolatin');
burn({
mixins: [
// We take src/index.js, output in ./dist as [name.js (so app.js), for Node.js
Io({ app: ['./src/index.js'] }, { path: './dist', filename: '[name].js' }, 'node'),
],
loaders: [BabelStage2], // Handle JavaScript file and add linter + Babel in stage-2 for async function
plugins: [
Clean(['dist']), // Remove old dist files
Define('production'), // Set ENV/NODE_ENV === 'production'
ProgressBar(), // Add progress bar
Analyzer(), // Analyzer statistic
Minify(), // Minify output
],
});
node ./build.js
Simply use "provide" function.
For example, you can export Chocolatin configuration to Karma like the Angular demo.
Use Copy plugin : it take an array of object with from/to properties.
You can copy directory or files.
Import style and template in component declaration.
Checkout Angular 1 demo project.
Use templateUrl and styleUrls in @Component with HtmlRaw, Css (or/and Sass/Stylus), TypeScriptNg2 loaders.
Use Babel or TypeScript loader.
You don't need to add linter.
We use Xo for JavaScript and TsLint for TypeScript.
We will do later fix on loaders to make them more configurable.
Make .babelrc file.
Make tsconfig.json file.
You can't, we will provide this later.
For now, just use "provide" function.
FAQs
This package is no longer supported and has been deprecated. To avoid malicious use, npm is hanging on to the package name.
We found that chocolatin demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.