Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
guess-parser
Advanced tools
This module is used for route extraction by the GuessPlugin
. The module exports several functions:
npm i guess-parser --save-dev
detect(path: string)
- Detects the project type and returns metadata. For the currently supported projects see the ProjectMetadata
interface.parseRoutes(path: string)
- Extracts the routes of the application in path
. Internally uses the detect
function.parseAngularRoutes(tsconfig: string)
- Extracts the routes of an Angular application. As arguments the function accepts path to the tsconfig.json
file of the project.parseReactJSXRoutes(path: string)
- Extracts the routes from React JSX project. See the supported syntax below.parseReactTSXRoutes(tsconfig: string)
- Extracts the routes from React TypeScript projects which uses JSX by tsconfig.json
file. See the supported syntax below.export interface ProjectMetadata {
type: ProjectType;
version: string;
details?: ProjectLayout;
}
export enum ProjectType {
AngularCLI = 'angular-cli',
CreateReactApp = 'create-react-app',
Gatsby = 'gatsby',
CreateReactAppTypeScript = 'create-react-app-typescript'
}
export interface ProjectLayout {
typescript?: string;
tsconfigPath?: string;
sourceDir?: string;
}
Because of the produced summaries by the Angular compiler the Angular parser supports most Angular CLI applications as well as most starters.
Because of the dynamic nature of React and lack of standard route definition syntax, only applications using the following convention can be successfully parsed:
<Router history={history}>
<div className="App">
<Link to="/intro">Intro</Link>
<Link to="/main">Main</Link>
<div>
<Switch>
<Redirect exact={true} from="/" to="/intro" />
<Route path="/intro" component={AsyncComponent(() => import('./intro/Intro'))} />
<Route path="/main" component={Main} />
</Switch>
</div>
</div>
</Router>
Currently, there are several important conventions:
react-router
-like syntax<Route/>
element must have value of type string literal.CallExpression
(e.g. AsyncComponent
) with a single argumentArrowFunction
CallExpression
)CallExpression
should be passed a StringLiteral
which points to the lazy-loaded moduleContributions aiming to extend the supported syntax are very welcome!
MIT
FAQs
Finds the route declarations in your application.
The npm package guess-parser receives a total of 274,586 weekly downloads. As such, guess-parser popularity was classified as popular.
We found that guess-parser demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.