
Security News
/Research
Wallet-Draining npm Package Impersonates Nodemailer to Hijack Crypto Transactions
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.
create-vanilla-js-app
Advanced tools
Vanilla javascript es6 generator with Babel, Webpack and HMR
yarn global add create-vanilla-js-app
npm i -g create-vanilla-js-app
cva projectname
creates boilerplate in projectname
dir.
I've tried to keep it as clean as possible. Add your own packages to suit your own workflow. The one thing I've ommited is package-lock.json
generation. But you can add this back in by removing .npmrc
before running npm i
Install deps from project root yarn
or npm i
yarn start:dev
or npm run start:dev
It's possible to use a different port by specifying this first like so:
CVA_PORT=7788 yarn start:dev
to start with port 7788. Same for npm just include CVA_PORT=7788
at the beginning.
yarn build
or npm run build
FAQs
Vanilla javascript es6 generator with Babel, Webpack and HMR
We found that create-vanilla-js-app demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
/Research
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.
Security News
This episode explores the hard problem of reachability analysis, from static analysis limits to handling dynamic languages and massive dependency trees.
Security News
/Research
Malicious Nx npm versions stole secrets and wallet info using AI CLI tools; Socket’s AI scanner detected the supply chain attack and flagged the malware.