Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
clang-format
Advanced tools
node.js module which wraps the native clang-format executable.
$ npm install -g clang-format
$ clang-format -help
If your platform isn't yet supported, you can create the native binary from the latest upstream clang sources, make sure it is stripped and optimized (should be about 1.4MB as of mid-2015) and send a pull request to add it.
Ensuring that changes to your code are properly formatted is an important part
of your development workflow. Note that the check-clang-format
and
git-clang-format
commands require Python to be globally available.
We recommend using a git pre-commit hook. You can configure this as follows:
add a precommit
script to your package.json file:
"scripts": {
"precommit": "check-clang-format"
}
By default, the user gets an error instructing them to run
./node_modules/.bin/git-clang-format
. You may find it more ergonomic to set
up a package.json script, eg.
"scripts": { "format": "git-clang-format" }
In this case, add a second argument to the "precommit" script, giving the error you'd like to print for users, eg.
"precommit": "check-clang-format \"yarn format\""
Add a devDependency on the husky
package, which will add a
.git/hooks/pre-commit
script, which in turn triggers the precommit
package.json script to run whenever someone adds a commit in this repository:
$ yarn add -D husky
or
npm install --save-dev husky
Why do this in a pre-commit hook? For one thing, it's faster to run
clang-format
only on the changed files, especially as the repository grows. Also, this lets you upgradeclang-format
or change your settings without needing to re-format the entire repository, while still enforcing that later changes follow the new style.
$ clang-format --glob=folder/**/*.js
This will run clang-format
once per file result, and show the total
formatted files at the end.
See node-glob for globbing semantics.
For Linux, compile a statically linked MinSizeRel build:
git clone --depth=1 https://github.com/llvm/llvm-project.git
cd llvm-project
mkdir build
cd build
cmake -G Ninja -DCMAKE_BUILD_TYPE=MinSizeRel -DLLVM_BUILD_STATIC=true -DLLVM_ENABLE_PROJECTS=clang ../llvm
ninja clang-format
strip bin/clang-format
For Mac OS X, static linking is not required.
Windows snapshot builds to include in the release can be found at the LLVM website.
Configure with:
cmake -G "Visual Studio 12" -DCMAKE_BUILD_TYPE=MinSizeRel ..
In the generated Visual Studio project, search for the clang-format
binary in
the Solution Explorer window, right click and choose Build.
FAQs
node wrapper around clang-format
The npm package clang-format receives a total of 43,942 weekly downloads. As such, clang-format popularity was classified as popular.
We found that clang-format demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.