![Malicious npm Package Typosquats react-login-page to Deploy Keylogger](https://cdn.sanity.io/images/cgdhsj6q/production/007b21d9cf9e03ae0bb3f577d1bd59b9d715645a-1024x1024.webp?w=400&fit=max&auto=format)
Research
Security News
Malicious npm Package Typosquats react-login-page to Deploy Keylogger
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
make-error-cause
Advanced tools
Package description
The make-error-cause npm package is designed to simplify the creation of custom error classes in JavaScript, while also allowing you to maintain the original error cause. This is particularly useful for error handling in complex applications where you need to preserve the stack trace and context of the original error.
Creating Custom Error Classes
This feature allows you to create custom error classes that can encapsulate an original error. The custom error class extends from `makeErrorCause.BaseError`, which helps in maintaining the original error's stack trace and context.
const makeErrorCause = require('make-error-cause');
class MyCustomError extends makeErrorCause.BaseError {
constructor(message, cause) {
super(message, cause);
this.name = 'MyCustomError';
}
}
try {
throw new Error('Original error');
} catch (err) {
throw new MyCustomError('Custom error message', err);
}
Preserving Original Error Cause
This feature demonstrates how to preserve the original error cause when throwing a new custom error. This is useful for debugging and logging, as it provides a complete error stack trace.
const makeErrorCause = require('make-error-cause');
class DatabaseError extends makeErrorCause.BaseError {
constructor(message, cause) {
super(message, cause);
this.name = 'DatabaseError';
}
}
try {
throw new Error('Connection failed');
} catch (err) {
throw new DatabaseError('Database operation failed', err);
}
The `verror` package provides a way to create and manage nested errors in JavaScript. It allows you to add context to errors and maintain the original error stack. Compared to `make-error-cause`, `verror` offers more features for error wrapping and context management.
The `error-ex` package is used to create easily extensible error objects with additional properties. It allows you to add custom properties to errors and maintain the original error cause. While `error-ex` focuses on extensibility, `make-error-cause` is more focused on preserving the original error stack.
The `extendable-error` package provides a simple way to create custom error classes that extend the native Error class. It does not specifically focus on preserving the original error cause, making `make-error-cause` a better choice for scenarios where maintaining the original error context is crucial.
Readme
Make your own error types, with a cause!
instanceof
error.stack
and error.name
toString
npm install make-error-cause --save
See the usages from make-error
. Things work the same here, except the base function has a second argument for the "cause". The cause will be printed when using toString
, but can also be accessed manually.
const CustomError = makeErrorCause('CustomError')
const cause = new Error('boom!')
const error = new CustomError('something bad', cause)
error.toString() //=> "CustomError: something bad\nCaused by: boom!"
error.stack // Works!
error.cause.stack // Handy!
Inspired by verror
, and others, but made much lighter for browser bundling in tight places.
Apache 2.0
FAQs
Unknown package
We found that make-error-cause demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
Security News
The JavaScript community has launched the e18e initiative to improve ecosystem performance by cleaning up dependency trees, speeding up critical parts of the ecosystem, and documenting lighter alternatives to established tools.
Product
Socket now supports four distinct alert actions instead of the previous two, and alert triaging allows users to override the actions taken for all individual alerts.