Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
The dedent npm package is a utility for stripping indentation from multi-line strings. It is commonly used to make template literals more readable by removing the leading whitespace that is introduced by indenting the code for readability purposes.
Remove indentation from multi-line strings
This feature allows you to write multi-line strings in your code with indentation for readability, and then process them with dedent to remove the extra leading whitespace.
const dedent = require('dedent');
const text = dedent`
Line one
Line two
Line three
`;
console.log(text); // 'Line one\nLine two\nLine three'
The strip-indent package is similar to dedent in that it removes the leading indentation from every line in a string. The main difference is in the API and the way you use the package. While dedent is used as a tagged template literal, strip-indent is a function that takes a string as an argument.
Outdent is another package that offers similar functionality to dedent. It can be used both as a tagged template literal and as a function. It also provides additional features like the ability to maintain the relative indentation of lines within the block.
Heredoc is a package that allows you to create multi-line strings without the first and last lines of padding. It's similar to dedent but focuses on the heredoc syntax known from other programming languages and does not specifically target the removal of indentation.
A string tag that strips indentation from multi-line strings. ⬅️
npm i dedent
import dedent from "dedent";
function usageExample() {
const first = dedent`A string that gets so long you need to break it over
multiple lines. Luckily dedent is here to keep it
readable without lots of spaces ending up in the string
itself.`;
const second = dedent`
Leading and trailing lines will be trimmed, so you can write something like
this and have it work as you expect:
* how convenient it is
* that I can use an indented list
- and still have it do the right thing
That's all.
`;
const third = dedent(`
Wait! I lied. Dedent can also be used as a function.
`);
return first + "\n\n" + second + "\n\n" + third;
}
console.log(usageExample());
A string that gets so long you need to break it over
multiple lines. Luckily dedent is here to keep it
readable without lots of spaces ending up in the string
itself.
Leading and trailing lines will be trimmed, so you can write something like
this and have it work as you expect:
* how convenient it is
* that I can use an indented list
- and still have it do the right thing
That's all.
Wait! I lied. Dedent can also be used as a function.
You can customize the options dedent
runs with by calling its withOptions
method with an object:
import dedent from 'dedent';
dedent.withOptions({ /* ... */ })`input`;
dedent.withOptions({ /* ... */ })(`input`);
options
returns a new dedent
function, so if you'd like to reuse the same options, you can create a dedicated dedent
function:
import dedent from 'dedent';
const dedenter = dedent.withOptions({ /* ... */ });
dedenter`input`;
dedenter(`input`);
escapeSpecialCharacters
JavaScript string tags by default add an extra \
escape in front of some special characters such as $
dollar signs.
dedent
will escape those special characters when called as a string tag.
If you'd like to change the behavior, an escapeSpecialCharacters
option is available.
It defaults to:
false
: when dedent
is called as a functiontrue
: when dedent
is called as a string tagimport dedent from "dedent";
// "$hello!"
dedent`
$hello!
`;
// "\$hello!"
dedent.withOptions({ escapeSpecialCharacters: false })`
$hello!
`;
// "$hello!"
dedent.withOptions({ escapeSpecialCharacters: true })`
$hello!
`;
For more context, see 🚀 Feature: Add an option to disable special character escaping.
MIT
💙 This package was templated with create-typescript-app.
FAQs
A string tag that strips indentation from multi-line strings. ⬅️
The npm package dedent receives a total of 26,122,606 weekly downloads. As such, dedent popularity was classified as popular.
We found that dedent demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.