
Security News
/Research
Compromised Injective SDK npm Package Exfiltrates Wallet Keys and Mnemonics
Compromised Injective SDK npm version 1.20.21 exfiltrates wallet private keys and mnemonics through fake telemetry functionality.
haluo-util
Advanced tools
哈罗摩托工具库
npm publish
npm unpublish --force // 强制删除
npm unpublish haluo-util@0.0.0 // 指定版本号
npm install -D haluo-util
// npm install -D @types/haluo-util # 使用ts构建时
// 挂载的方式(推荐)
import util from 'haluo-util'
util.install(Vue)
this.$date、this.$match、this.$number、this.$tools
// 方式一
import { date, filter, match, number, tools } from 'haluo-util' // 全量引用
// 方式二
import match from 'haluo-util/dist/modules/match' // 局部引用
// 方式三
const date = require('haluo-util').date // 全量引用
// 方式四
import haluoUtil from 'haluo-util' // 全量引用
date.formatPassTime(1586840260500)
import { date } from 'haluo-util';
date.format(new Date()) // 默认格式 'yyyy-MM-dd hh:mm:ss'
date.format(new Date(), 'yyyy:MM:dd') // 自定义格式 'yyyy.MM.dd'
常用函数工具库(防抖、节流、正则类型检测、深浅拷贝等)
import { tools } from 'haluo-util';
methods: {
sumbit: tools.debounce(func, 300)(args),
}
throttle : 节流
deepCopy :拷贝
import { match } from 'haluo-util';
支持类型有ip、phone(手机号码)、email(邮箱)、IDCard(身份证)、url(网址)、number(数字)
match.checkType('13111111111', 'phone') //检测手机
match.checkType('wanghui@jddmoto.com', 'email') //检测邮箱
捕获异常信息
import { sentry } from 'haluo-util';
const option = {
dsn: http://753ce3bf82e94ab0aa7b5e62fae16d3c@sentry.***.com:9000/2
}
const Sentry = sentry.getInstance(Vue, option);
Vue.prototype.$sentry = sentry;
this.$sentry.log('test');
FAQs
The npm package haluo-util receives a total of 1 weekly downloads. As such, haluo-util popularity was classified as not popular.
We found that haluo-util demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Security News
/Research
Compromised Injective SDK npm version 1.20.21 exfiltrates wallet private keys and mnemonics through fake telemetry functionality.

Security News
npm v12 is generally available, turning install scripts off by default and beginning the deprecation of 2FA-bypass publishing tokens.

Research
/Security News
Socket tracks the activity as Operation “Muck and Load”: a threat actor uses commit-farming workflows, public dead drops, and protected archives to stage Windows RAT and infostealer malware.