Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
immutable-devtools
Advanced tools
The Immutable library is fantastic, but inspecting immutable collections in Chrome's Dev Tools is awkward. You only see the internal data structure, not the logical contents. For example, when inspecting the contents of an Immutable List, you'd really like to see the items in the list.
The latest Canary version of Chrome (v48 as of writing) has support for custom "formatters". A formatter tells Chrome's Dev Tools how to display values in the Console, Scope list, etc. This means we can display Lists, Maps and other collections, in a much better way.
Essentially, it turns this:
into:
This library provides a formatter to do just that.
Chrome v47+ (currently this is a Canary build)
In Dev Tools, press F1 to load the Settings. Scroll down to the Console section and tick "Enable custom formatters".
Then, in your project, install via npm:
npm install --save-dev immutable-devtools
And enable with:
var Immutable = require("immutable");
var install = require("immutable-devtools");
install(Immutable);
Note: You probably only want this library for debug builds, so perhaps wrap with if (DEBUG) {...}
or similar.
The library currently has formatters for: List, Map, Set, Record, OrderedMap & OrderedSet.
FAQs
Chrome Dev Tools formatter for the Immutable JS library
The npm package immutable-devtools receives a total of 13,121 weekly downloads. As such, immutable-devtools popularity was classified as popular.
We found that immutable-devtools demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.