
Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
CLI utility for compiling, testing and linting your TypeScript code.
npm i ffbt
npm i ffbt
app.ts
.ffbt-config.js
file near the package.json
.ffbt dev
module.exports = {
profiles: {
dev: {
// custom variables for index.html in DEV profile
},
production: {
// custom variables for index.html in PRODUCTION profile
},
},
supportedBrowsers: "last 2 versions", // strictly supports Autoprefixer's config format
vendorContents: [
// list of packages in your vendor bundle
],
aliases: {
// aliases, if you need them
},
noParse: [
// list of absolute paths
],
buildPath: "./public/build", // path to your dist directory
//You can specify the path to your custom lint config if the default config doesn't fit your needs
tsLintConfigPath: "",
styleLintConfigPath: "",
devServer: {
// Here you can override DevServer's settings.
// FFBT proxies this object directly to the Webpack config
// More info: https://webpack.js.org/configuration/dev-server
},
moveBuildArtifactsToSubfolder: "build" // you can move your compiled js, css and images to the subdirectory
};
dev
. Watches your files and recompile them after each changedev-server
. The same as dev
, but starts the local development server.build
. Builds the project for production and staging serverstest
. Run unit testslint-style
. Lints SASS fileslint-ts
. Lints TS filesci
. Enabling CI mode, now it useful only in pair with the test command. It changes the Karma output by running the Teamcity reporteroutput
. You can override buildPath config property via this optionanalyze
. Runs webpack-bundle-analyzer plugin that displays a map of your dependenciesFirstly, you need to open the cli/cli.js
file. It's the main entrypoint for all commands.
Each CLI command executes the corresponding command file.
There are two types of command: build
and lint
. The commands are just the JS functions.
build
commands (dev, dev-server, build, test) need the webpack to work, so they received the build config as a first parameterlint
commands doesn't need the build config, so they received a library root path
and a working directory path
as a parametersThe command functions return nothing. You can do anything inside them. They are just containers for commands code
Command files are stored in cli/commands
directory.
The lint commands are stored deeply in cli/commands/lint
directory.
FAQs
Build a Typescript app without pain
We found that ffbt demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 7 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.