Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Create JavaScript Error objects with code strings, context details, and uncluttered stacktraces
For use in library modules to generate contextual errors. Your library module can return an error code for programmatic inspection by calling code, and error details as a context object for custom messages and fault inspection.
Stack trace lines referring to eraro itself, and your library, are removed. This means that the first line of the stack trace refers to the position in user code where your library was called.
var error = require('eraro')()
throw error('code_string')
// provide a user message
throw error('code_string', 'Message text.')
// supply context details for error
throw error('code_string', 'Message text.', {foo:1, bar:2})
throw error('code_string', {foo:1, bar:2})
The Error object has the following additional properties:
If you're using this module, feel free to contact me on twitter if you have any questions! :) @rjrodger
Current Version: 0.1.2
Tested on: node 0.10.26
...more docs to follow...
FAQs
Create JavaScript Error objects with code strings, context details, and templated messages.
The npm package eraro receives a total of 10,738 weekly downloads. As such, eraro popularity was classified as popular.
We found that eraro demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.