JavaScript library to ease type checking and variables value validation for both browser and Node.
FightErr is available with bower:
bower install fighterr
or via npm:
npm install fighterr
Sometimes the idea of type checking on production is considered useless, while it is very handy during development. Here are a few tips on how to strip some (or even all) of the FightErr calls from the JavaScript files intended for production use.
The trick is to minify the JavaScript files with UglifyJS and set the compressor's global definitions option (global_defs) so that the debug flag is treated as a constant.
First of all, wrap all the FightErr calls you wish to strip later with DEBUG checks:
    var myFunction = function (strArg, numArg) {
        if (DEBUG) {
            F.str('strArg', strArg, 'myFunction');
            F.num('numArg', numArg, 'myFunction');
        }
        // rest of the code...
    }
Then if you pass:
    global_defs: {
        DEBUG: false
    }
the compressor will assume that DEBUG is a constant definition, evaluate the if condition to false and discard the wrapped block as unreachable code.
Adapt the following configuration pieces to your build tools:
It is assumed that the grunt-contrib-uglify plugin is installed properly.
    // Project configuration.
    grunt.initConfig({
        uglify: {
            options: {
                compress: {
                    global_defs: {
                        "DEBUG": false
                    },
                    dead_code: true
                }
            },
            my_target: {
                files: {
                    'dest/output.min.js': ['src/input.js']
                }
            }
        }
    });
It is assumed that the uglify-js-brunch plugin is installed properly.
    config =
        plugins:
            uglify:
                mangle: false
                compress:
                    global_defs:
                        DEBUG: false
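The following is an added example, not part of the FightErr README or the library itself. It models what the UglifyJS compressor does with the DEBUG wrapping and global_defs setting described above (treat the flag as a constant, drop the unreachable block), and adds the check a practitioner wants after the build: confirm the production bundle no longer contains any FightErr calls or references to DEBUG. The brace matcher is a deliberately naive assumption (it ignores braces inside strings and comments); real builds should rely on UglifyJS as configured above, and the `F` handle is the one the README uses for FightErr.

```javascript
// Replace every `if (NAME) { ... }` whose NAME appears in globalDefs with
// nothing (value false: the block is unreachable) or with the block body
// (value true). This mirrors UglifyJS global_defs + dead_code for the simple
// DEBUG-wrapped pattern only; it is a model, not a general minifier.
function stripGlobalDefs(src, globalDefs) {
  let out = src;
  for (const [name, value] of Object.entries(globalDefs)) {
    const head = new RegExp('if\\s*\\(\\s*' + name + '\\s*\\)\\s*\\{', 'g');
    let m;
    while ((m = head.exec(out)) !== null) {
      // Walk forward counting nesting depth to find this block's closing brace.
      // Naive by assumption: braces inside string literals or comments are not skipped.
      let depth = 1;
      let i = head.lastIndex;
      while (i < out.length && depth > 0) {
        if (out[i] === '{') depth++;
        else if (out[i] === '}') depth--;
        i++;
      }
      if (depth !== 0) break; // unbalanced input: leave the remainder untouched
      const body = out.slice(head.lastIndex, i - 1);
      out = out.slice(0, m.index) + (value ? body : '') + out.slice(i);
      head.lastIndex = m.index; // rescan from the edit point (handles nested blocks)
    }
  }
  return out;
}

// Post-build check: list every remaining FightErr call (`F.<method>(`) in a bundle.
// A production bundle built with DEBUG: false should yield an empty array.
function fightErrLeaks(bundle) {
  return bundle.match(/\bF\.\w+\s*\(/g) || [];
}

// Constructed sample mirroring the README's myFunction (not real project code).
const SRC = `var myFunction = function (strArg, numArg) {
  if (DEBUG) {
    F.str('strArg', strArg, 'myFunction');
    F.num('numArg', numArg, 'myFunction');
  }
  return strArg + numArg;
};`;

const production = stripGlobalDefs(SRC, { DEBUG: false });
console.log(production);
console.log('FightErr calls left in bundle:', fightErrLeaks(production).length);
```

Running the file prints the stripped function followed by a count of 0, while the unstripped SRC reports 2 leaked calls.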
Annotated source: http://nextusersf.github.io/fighterr/
FAQs
The npm package fighterr receives a total of 6 weekly downloads. As such, fighterr's popularity was classified as not popular.
We found that fighterr demonstrated an unhealthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.