
Research
/Security News
Toptal’s GitHub Organization Hijacked: 10 Malicious Packages Published
Threat actors hijacked Toptal’s GitHub org, publishing npm packages with malicious payloads that steal tokens and attempt to wipe victim systems.
messageformat-validator
Advanced tools
Validates that ICU MessageFormat messages are well-formed, and that translated target messages are compatible with their source.
Validates messageformat messages against various errors and warnings.
npm i messageformat-validator
mfv [options] [subcommand]
Check for issues in all files within lang/
mfv -s en -p lang/
Add messages that exist in en
to all files within lang/
, if they are missing
mfv -s en -p lang/ add-missing
Output the myMessage
message from the es-es
file with all messageformat structure highlighted
mfv -l es-es -p lang/ highlight myMessage
-V, --version
- output the version number
--no-issues
- Don't output issues
-i, --ignore <items>
- Ignore these comma-separated issue types
-l, --locales <items>
- Process only these comma-separated locales
-p, --path <path>
- Path to a directory containing locale files
-t, --translator-output
- Output JSON of all source messages that are missing or untranslated in the target
-s, --source-locale <locale>
- The locale to use as the source
--json-obj
- Indicate that the files to be parsed are JSON files with keys that have objects for values with their own keys: translation
and context
-h, --help
- display help for command
remove-extraneous
- Remove messages that do not exist in the source locale
add-missing
- Add messages that do not exist in the target locale
sort
- Sort messages alphabetically by key, maintaining any blocks
rename <old-key> <new-key>
- Rename a message
highlight <key>
- Output a message with all non-translatable ICU MessageFormat structure highlighted
help [command]
- display help for command
Some options can be configured with default values in mfv.config.json
{
"source": "en"
"path": "lang/",
"locales": ["ar", "de", "en", "es", "es-es", "hi", "tr"],
"jsonObj": true
}
argument
- Unrecognized argument
brace
- Mismatched braces
category
- Unsupported category
duplicate
- Multiple messages with the same name
extraneous
- Message does not exist in the source locale
missing
- Message missing from the target locale
nbsp
- Message structure contains non-breaking space
nest
- The nesting order of the target message does not match the source message
option
- Unrecognized option
option-missing
- Missing option used in the source
other
- Missing "other" option
parse
- Failed to parse message
source
- Failed to parse source message
category-missing
- Missing categories used by the target locale
nest-ideal
- A select
is nested inside a plural
or selectordinal
nest-order
- Nesting order does not match source
split
- Split by a complex argument
untranslated
- Message has not been translated
You can mark individual messages as
mfv override fr option
A global list of overrides is pre-loaded:
v Expand Me
--throw-errors
option has been removed.locales
option now takes an array when in the config filesformat
subcommand rewrites messages to a standard formatcase
-> option
nest
-> nest-source
and nest-ideal
duplicate-keys
-> duplicate
plural-key
-> category
categories
-> category-missing
source-error
-> source
option-missing
FAQs
Validates that ICU MessageFormat strings are well-formed, and that translated target strings are compatible with their source.
The npm package messageformat-validator receives a total of 6,718 weekly downloads. As such, messageformat-validator popularity was classified as popular.
We found that messageformat-validator demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
Threat actors hijacked Toptal’s GitHub org, publishing npm packages with malicious payloads that steal tokens and attempt to wipe victim systems.
Research
/Security News
Socket researchers investigate 4 malicious npm and PyPI packages with 56,000+ downloads that install surveillance malware.
Security News
The ongoing npm phishing campaign escalates as attackers hijack the popular 'is' package, embedding malware in multiple versions.