
Research
Malicious npm Packages Impersonate Flashbots SDKs, Targeting Ethereum Wallet Credentials
Four npm packages disguised as cryptographic tools steal developer credentials and send them to attacker-controlled Telegram infrastructure.
native-constants
Advanced tools
A light-weight library to access unpolluted Native Constants in JavaScript
Access unpolluted Native Constants in JavaScript
native-constants.js is a light-weight library to access unpolluted Native Constants in JavaScript.
It is written with an aim to allow access to unpolluted native constants which are often polluted by page owners(in case you are loading your script on someone else's page) or third party scripts(in case you are a page owner).
// May God have mercy on the devil that wrote this code
JSON = "foo"
// Output as it shouldn't be
console.log(JSON.stringify({})); // Uncaught TypeError: JSON.stringify is not a function
// Use Native Constants Library on the same webpage
// Here's the call to your angel
var JSON = NativeConstants.get('JSON')
// Output as it should be
console.log(JSON.stringify({})); // outputs "{}"
native-constants.js is just 437 bytes minified & gzipped.
bower install native-constants
npm install native-constants
Note: native-constants.js supports AMD and commonJS module pattern out of the box.
native-constants.js works amazingly on all browsers.
Interested in contributing features and fixes?
See the Changelog
Copyright (c) 2015 Apoorv Saxena, http://apoorv.pro Licensed under the MIT license.
FAQs
A light-weight library to access unpolluted Native Constants in JavaScript
The npm package native-constants receives a total of 0 weekly downloads. As such, native-constants popularity was classified as not popular.
We found that native-constants demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Four npm packages disguised as cryptographic tools steal developer credentials and send them to attacker-controlled Telegram infrastructure.
Security News
Ruby maintainers from Bundler and rbenv teams are building rv to bring Python uv's speed and unified tooling approach to Ruby development.
Security News
Following last week’s supply chain attack, Nx published findings on the GitHub Actions exploit and moved npm publishing to Trusted Publishers.