Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
father-build-universal
Advanced tools
Library build tool based on rollup, support customize configures, such as vue/eslint.
See our main repo for more information.
可用于对 rollup 插件设置项进行自定义修改,实现特殊需求。
在构建中,需要在插件 replace
设置项中增加一些自定义替换内容,如该场景对应配置为:
export default {
hookRollupPluginOptions: (pluginName, pluginOptions, environment) => {
if (pluginName === 'replace') {
pluginOptions = [{
...pluginOptions[0] || {},
'process.env.BUILD_UNIX_TIME': Date.now(),
}, ...pluginOptions.slice(1)];
}
return pluginOptions;
},
}
可用于对生成的 rollup 设置项进行自定义修改,实现特殊需求。
在构建中,需要在插件设置项 babel
前方插入 eslint
插件才能保证其正常工作,hookRollupConfig
允许你自定义修改最终的 rollup
设置项,如该场景对应配置为:
import eslint from '@rollup/plugin-eslint';
export default {
hookRollupConfig: (rollupOptions, environment) => {
return rollupOptions.map((rollupOption) => ({
...rollupOption,
plugins: {
eslint(),
...rollupOption.plugin,
},
}));
},
}
FAQs
Library build tool based on rollup, support customize configures, such as vue/eslint.
The npm package father-build-universal receives a total of 40 weekly downloads. As such, father-build-universal popularity was classified as not popular.
We found that father-build-universal demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.