![Malicious npm Package Typosquats react-login-page to Deploy Keylogger](https://cdn.sanity.io/images/cgdhsj6q/production/007b21d9cf9e03ae0bb3f577d1bd59b9d715645a-1024x1024.webp?w=400&fit=max&auto=format)
Research
Security News
Malicious npm Package Typosquats react-login-page to Deploy Keylogger
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
current-git-branch
Advanced tools
Package description
The `current-git-branch` npm package is a simple utility that allows you to get the name of the current Git branch in a Node.js environment. It is useful for scripts and tools that need to be aware of the current branch context.
Get Current Git Branch
This feature allows you to retrieve the name of the current Git branch. The code sample demonstrates how to use the `current-git-branch` package to get the branch name and print it to the console.
const currentGitBranch = require('current-git-branch');
const branchName = currentGitBranch();
console.log(branchName);
The `git-branch` package provides similar functionality to `current-git-branch` by allowing you to get the current Git branch name. It also offers additional features like listing all branches and checking out a branch. Compared to `current-git-branch`, it is more feature-rich but also slightly more complex to use.
The `git-rev-sync` package offers a broader range of Git-related functionalities, including getting the current branch name, the latest commit hash, and the commit message. It is more comprehensive than `current-git-branch` but may be overkill if you only need to get the current branch name.
The `simple-git` package is a lightweight interface for running Git commands in a Node.js environment. It can be used to get the current branch name among many other Git operations. It is more versatile than `current-git-branch` but requires more setup and understanding of Git commands.
Readme
Get synchronously the current branch name
$ npm i current-git-branch --save
or
$ yarn add current-git-branch
Returns:
false
: It is not a git repositoryconst branchName = require('current-git-branch');
branchName(); // false or branch name of process.cwd()
branchName({ altPath: 'any/git/repo' }); // false or branch name of the directory 'any/git/repo'
branchName({ altPath: 'any/git/repo', branchOptions: [ "--no-color" ] }); // alternatively, you may pass git-branch command options, either as a string or an array
MIT © Jan Peer Stöcklmair
FAQs
Unknown package
We found that current-git-branch demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
Security News
The JavaScript community has launched the e18e initiative to improve ecosystem performance by cleaning up dependency trees, speeding up critical parts of the ecosystem, and documenting lighter alternatives to established tools.
Product
Socket now supports four distinct alert actions instead of the previous two, and alert triaging allows users to override the actions taken for all individual alerts.