Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
gulp-amd-wrap
Advanced tools
![Language](https://img.shields.io/badge/-TypeScript-blue.svg) [![Build Status](https://travis-ci.org/searchfe/gulp-amd-wrap.svg?branch=master)](https://travis-ci.org/searchfe/gulp-amd-wrap) [![Coveralls](https://img.shields.io/coveralls/searchfe/gulp-amd
gulp-amd-wrap是一个分析amd模块,并进行预编译处理的的gulp插件,主要完成根据依赖分析及项目路径生成模块声明及引用的moduleID,并封装成amd规范的模块。
npm i gulp-amd-wrap --save-dev
import { amdWrap } from 'gulp-amd-wrap';
gulp.src(
// 资源
`${__dirname}\/assert/*.js`, {
// 工程baseUrl
base: __dirname,
},
).pipe(amdWrap({
baseUrl: '/assert/',
prefix: 'wiseindex/',
// 不参与amd-hook分析的文件
exelude: ['/exclude-**.js', '/dist/**'],
alias: [{
moduleId: 'debug',
path: 'util/debug',
prifix: false
}]
})).pipe(
gulp.dest(`${__dirname}\/dist\/`),
);
// Before
define(function() {
'use strict';
var fishObj = {
name: 'nimo'
};
var moduleA = require('@scope/moduleA');
var moduleB = require('./moduleB');
require(['A', './B', '/C', '@D/E', './util/debug'], function(a, b, c, d){
console.log(a, b, c, d);
});
return fishObj;
});
// After
define('wiseindex/assert/minify-define', [
'require',
'@scope/moduleA',
'wiseindex/assert/moduleB'
], function (require, moduleA, moduleB) {
'use strict';
var fishObj = { name: 'nimo' };
require([
'A',
'wiseindex/assert/B',
'/C',
'@D/E',
'debug'
], function (a, b, c, d) {
console.log(a, b, c, d);
});
return fishObj;
});
FAQs
![Language](https://img.shields.io/badge/-TypeScript-blue.svg) [![Build Status](https://travis-ci.org/searchfe/gulp-amd-wrap.svg?branch=master)](https://travis-ci.org/searchfe/gulp-amd-wrap) [![Coveralls](https://img.shields.io/coveralls/searchfe/gulp-amd
The npm package gulp-amd-wrap receives a total of 7 weekly downloads. As such, gulp-amd-wrap popularity was classified as not popular.
We found that gulp-amd-wrap demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 8 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.