![Malicious npm Package Typosquats react-login-page to Deploy Keylogger](https://cdn.sanity.io/images/cgdhsj6q/production/007b21d9cf9e03ae0bb3f577d1bd59b9d715645a-1024x1024.webp?w=400&fit=max&auto=format)
Research
Security News
Malicious npm Package Typosquats react-login-page to Deploy Keylogger
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
hermes-eslint
Advanced tools
Readme
hermes-eslint
is a custom parser for ESLint. It is the recommended parser for use for linting with Flow code.
To use hermes-eslint
as the parser for ESLint in your project you must specify "hermes-eslint"
as the "parser"
in your .eslintrc
configuration file:
{
"parser": "hermes-eslint"
}
The ESLint documentation provides more information about how to configure ESLint, including how to specify a custom parser.
You may provide additional configuration for hermes-eslint
by passing an object containing configuration options as the "parserOptions"
in your ESLint configuration file. This object may contain the following properties:
type ParserOptions = {
/**
* The identifier that's used for JSX Element creation (after transpilation).
* This should not be a member expression - just the root identifier (i.e. use "React" instead of "React.createElement").
*
* To use the new global JSX transform function, you can explicitly set this to `null`.
*
* Defaults to `"React"`.
*/
jsxPragma?: string | null,
/**
* The identifier that's used for JSX fragment elements (after transpilation).
* If `null`, assumes transpilation will always use a member on `jsxFactory` (i.e. React.Fragment).
* This should not be a member expression - just the root identifier (i.e. use "h" instead of "h.Fragment").
*
* Defaults to `null`.
*/
jsxFragmentName?: string | null,
/**
* The source type of the script.
*
* Defaults to `"module"`.
*/
sourceType?: 'script' | 'module',
/**
* Ignore <fbt /> JSX elements when adding references to the module-level `React` variable.
* FBT is JSX that's transformed to non-JSX and thus references differently
*
* https://facebook.github.io/fbt/
*/
fbt?: boolean,
};
{
"parser": "hermes-eslint",
"parserOptions": {
"sourceType": "module"
}
}
FAQs
Unknown package
The npm package hermes-eslint receives a total of 21,863 weekly downloads. As such, hermes-eslint popularity was classified as popular.
We found that hermes-eslint demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
Security News
The JavaScript community has launched the e18e initiative to improve ecosystem performance by cleaning up dependency trees, speeding up critical parts of the ecosystem, and documenting lighter alternatives to established tools.
Product
Socket now supports four distinct alert actions instead of the previous two, and alert triaging allows users to override the actions taken for all individual alerts.