Security News
The Dark Side of Open Source
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
istanbul-lib-instrument
Advanced tools
Readme
Istanbul instrumenter library.
Version 1.1.x now implements instrumentation using Babel
. The implementation is inspired
by prior art by @dtinth as demonstrated in the __coverage__
babel plugin.
It provides 2 "modes" of instrumentation.
The old API that is mostly unchanged (except for incompatibilities noted) and performs the instrumentation using babel as a library.
A programVisitor
function for the Babel AST that can be used by a Babel plugin
to emit instrumentation for ES6 code directly without any source map
processing. This is the preferred path for babel users. The Babel plugin is
called babel-plugin-istanbul
.
Incompatibilities and changes to instrumentation behavior can be found in v0-changes.md.
FAQs
Core istanbul API for JS code coverage
The npm package istanbul-lib-instrument receives a total of 32,932,479 weekly downloads. As such, istanbul-lib-instrument popularity was classified as popular.
We found that istanbul-lib-instrument demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
Research
Security News
The Socket Research team found this npm package includes code for collecting sensitive developer information, including your operating system username, Git username, and Git email.
Security News
OpenJS is warning of social engineering takeovers targeting open source projects after receiving a credible attempt on the foundation.