Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
local-scope
Advanced tools
This adapter uses ECMAScript 2015 (ES 6) syntax: you must run at least Node.js v4 in order to use this adapter.
This module allows for easy implementation of trully private object / class instance properties. It uses ES 2015's WeakMap to achieve true privacy without causing memory leaks.
You start by generating a private scope manager. This ensures that no other module, even when using the same cached version of this module, can get access to your private data.
const local = require('local-scope')() // <-- Notice the function call!
Alternatively, to make full use of ES2015 module syntax, you can create a new scope this way:
// This will create your very own scope manager
import scope from 'local-scope/create'
Now you can use that local
function to set and retrieve private data from your own functions!
class Person {
constructor (publicName, secretName) {
// This is public
this.publicName = publicName
// This is private - it's not even saved to this instance!
local(this).secretName = secretName
}
hasSecretName (name) {
// Notice how you can retrieve the same private value
// for this instance
return local(this).secretName === name
}
}
// And when used...
const bruce = new Person('Bruce Wayne', 'Batman')
, clark = new Person('Clark Kent', 'Superman')
bruce.hasSecretName('Batman') // true!
clark.hasSecretName('Batman') // false!
Important: To access the private properties of an object, you need to have two things:
The scope manager always returns an object, so you can save whatever you need there, it just has to be saved into an object's property (you can name it whatever you like).
This software is licensed under the BSD-3-Clause License. See the LICENSE file for more information.
FAQs
ES 2015 way of making private properties in class-based programming
We found that local-scope demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.