Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Create JavaScript Error objects with code strings, context details, and templated messages.
For use in library modules to generate contextual errors with useful meta data. Your library module can throw or pass (to a callback) an Error object that has additional properties, such as a code, that can be used for programmatic inspection by client code that uses your library.
If you're using this module, feel free to contact me on twitter if you have any questions! :) @rjrodger
var error = require('eraro')({package:'mylib'})
// throw an Error object that has a code
throw error('code_string')
// provide a user message
throw error('code_string', 'Message text.')
// supply context details for error
throw error('code_string', 'Message text.', {foo:1, bar:2})
// extend an existing Error object
var ex = new Error('Another message.')
throw error(ex,'code_string',{zed:3})
In all these cases, the Error object will have a code`` property with value
"code_string"`.
npm install eraro
There's an npm module page for eraro.
Use this module when you are writing a library that will be used by application code. It allows your library to generate informative error messages.
The module itself is a generator function (taking options) that returns the error-creating function that you will actually use. Thus the most common way to use eraro is to require and call immediately:
var error = require('eraro')({package:'mylib'})
The error
function can then be used in your library code. The
error
function generates Error
objects, which can be thrown or used in callbacks:
throw error('code1')
function doStuff (input, callback) {
if (bad(input)) return callback(error('code2'));
}
The package
option is normally the name of your library. That is, the value
of the name
property in package.json
. The generated Error object will
have two properties to define the package: package
, a string that is
the name of the package, and also a boolean, the name of the package itself.
This lets you check for the type of error easily:
var error = require('eraro')({package:'mylib'})
var err0 = error('code0')
"mylib" === err0.package // true
err0.mylib // true
You can supply additional contextual details for debugging or other purposes. These are placed inside the details property of the generated Error:
var error = require('eraro')({package:'mylib'})
var err0 = error('code0', {foo: 'FOO', bar: 'BAR'})
"FOO" === err0.details.foo
"BAR" === err0.details.bar
To provide consistent error messages to your users, you can define a set of message templates, keyed by code:
var error = require('eraro')({package: 'mylib', msgmap: {
code0: "The first error, foo is <%=foo%>.",
code1: "The second error, bar is <%=bar%>.",
}})
When you specify a code, and details, these are inserted into the message (if any) associated with that code:
var err0 = error('code0',{foo: 'FOO', bar: 'BAR'})
"mylib: The first error, foo is FOO." === err0.message
The message templates are underscorejs templates with the default settings.
If you specify a message directly, this is also interpreted as a template:
var err0 = error('code2',
'My custom message, details: <%=util.inspect(zed)%>',
{zed: {a: 1, b: 2}})
"mylib: My custom message, details: { a: 1, b: 2 }" === err0.message
The returned Error object has the following additional properties:
code
: String; the code stringpackage
: String; the package namepackage-name
: Boolean (true); a convenience marker for the packagemsg
: String; the generated message, may differ from original exception message (if any)details
: Object; contextual details of errorcallpoint
: String; first line of stacktrace that is external to eraro and calling moduleYou can pass in an existing Error object. The additional properties will be added to it, but the original message will be used as the message template, overriding any matching code message.
When creating an error
function, you can use the following options:
package
: (optional) String; package name to mark Error objectsprefix
: (optional) Boolean/String; If false, then no prefix is used; If not defined, the package name is usedmodule
: (optional) Object; module
object to use as starting point for require
callsmsgmap
: (optional) Object; map codes to message templatesinspect
: (optional) Boolean; If true, util.inspect
is called on values; default: true.For real-world usage examples, see:
FAQs
Create JavaScript Error objects with code strings, context details, and templated messages.
The npm package eraro receives a total of 0 weekly downloads. As such, eraro popularity was classified as not popular.
We found that eraro demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.