Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
This package provides a set of language helpers, utility functions, and classes for writing TypeScript applications. It includes APIs for feature detection, asynchronous operations, basic event handling, and making HTTP requests.
WARNING This is beta software. While we do not anticipate significant changes to the API at this stage, we may feel the need to do so. This is not yet production ready, so you should use at your own risk.
This package is currently in Beta with a initial stable release scheduled for later this year. You can download the Beta by cloning or downloading this repository.
To access modules use after cloning or downloading the repository, you can reference it by:
import * as lang from 'src/lang'; // this imports all exports of the module as the object lang
import { lateBind, mixin } from 'src/lang'; // this imports lateBind and mixin from the module
Once downloaded, you can compile the TypesScript files by first installing the project dependencies with:
npm install
The by running this command:
grunt dev
This will run the grunt 'dev' task.
Using the latest Web technologies isn't always as straightforward as developers would like due to differing support
across platforms. dojo-core/has
provides a simple feature detection API that makes it easy to
detect which platforms support which features.
The core package provides modules offering language utilities. Some of these are heavily based on methods in the ES2015 proposal; others are additional APIs for commonly-performed tasks.
The dojo-core/array
module contains analogues to some of the ES2015 Array APIs.
The dojo-core/lang
module contains various utility functions for tasks such as copying objects
and creating late-bound or partially applied functions.
The dojo-core/math
module contains analogues to a number of ES2015 APIs, including many trigonometric and logarithmic
functions.
The dojo-core/stringExtras
module contains various string functions that are not available as part of the ES2015 String APIs.
The dojo-core/UrlSearchParams
class can be used to parse and generate URL query strings.
The dojo-core/on
module contains methods to handle events across types of listeners. It also includes methods to handle different event use cases including only firing
once and pauseable events.
The dojo-core/request
module contains methods to simplify making http requests. It can handle
making requests in both node and the browser through the same methods.
The dojo-core/Promise
class is an implementation of the ES2015 Promise API that also includes static state
inspection and a finally
method for cleanup actions.
dojo-core/async
contains a number of classes and utility modules to simplify working with asynchronous operations.
The dojo-core/async/Task
class is an extension of dojo-core/Promise
that provides cancelation support.
We appreciate your interest! Please see the Dojo 2 Meta Repository for the Contributing Guidelines and Style Guide.
Dojo core's continuous integration tests use the BrowserStack cloud.
© 2004–2016 Dojo Foundation & contributors. New BSD license.
Some string functions (codePointAt
, fromCodePoint
, and repeat
) adopted from polyfills by Mathias Bynens,
under the MIT license.
See LICENSE for details.
FAQs
Basic utilites for common TypeScript development
The npm package dojo-core receives a total of 4 weekly downloads. As such, dojo-core popularity was classified as not popular.
We found that dojo-core demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.