Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
identifierfy
Advanced tools
Rewrites an identifier string so its valid according to ES2015. Tested with Node.js 0.10 and above.
Please see this awesome article by Mathias Bynens for background.
npm install --save identifierfy
The module has one default export, the identifierfy
function:
var identifierfy = require('identifierfy')
Call identifierfy()
with an identifier string. It'll return a string that can
be used as an identifier, which is useful when writing Babel
plugins.
Characters that are not allowed in identifiers are dropped. Any character that follows a removed character is uppercased, except if the dropped character was at the front of the string.
If necessary the resulting identifier is prefixed with an underscore. This will happen if the string is a reserved word or if the first character cannot be used as the first character (but is fine as the second character).
Note that null
is returned if all characters from the original string are
dropped.
Input | Resulting identifier | Reason |
---|---|---|
'class | '_class' | Reserved word |
'42' | '_42' | Identifiers cannot start with a number |
'-foo' | 'foo' | The - is dropped, but since it's as the front f is not uppercased |
'foo-bar🙊baz' | 'fooBarBaz' | The - and 🙊 characters are dropped, and the following characters uppercased |
'foo-9' | foo9 | 9 can't be uppercased of course 😉 |
'💩' | null | Sadly emojis cannot be used as identifiers 😢 |
FAQs
Rewrites an identifier string so its valid according to ES2015
The npm package identifierfy receives a total of 1,554 weekly downloads. As such, identifierfy popularity was classified as popular.
We found that identifierfy demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.