
Research
/Security News
Toptal’s GitHub Organization Hijacked: 10 Malicious Packages Published
Threat actors hijacked Toptal’s GitHub org, publishing npm packages with malicious payloads that steal tokens and attempt to wipe victim systems.
react-transform-render-visualizer
Advanced tools
A React Transform equivalent to React Render Visualizer.
First, install the Babel plugin:
npm install --save-dev babel-plugin-react-transform
Then, install the transform:
npm install --save-dev react-transform-render-visualizer
Then edit your .babelrc
to include extra.babel-plugin-react-transform
.
It must be an array of the transforms you want to use:
{
"stage": 0,
"plugins": [
"react-transform"
],
"extra": {
"react-transform": {
"transforms": [{
"transform": "react-transform-render-visualizer"
}]
}
}
}
This transform is enabled regardless of NODE_ENV. It's up to you to disable in a production build.
Components will show up with a helpful box when monitored. This will attach itself to all components.
By default this transform will display the render visualizer on every component. If you'd like to specify the components you want to visualize perform the following steps
Use the following transform:
"transform": "react-transform-render-visualizer/lib/specify"
On any comnponent that you'd like the render visualizer to appear, set the static property rerenderViz to true;
export class QueueMenu extends Component {
static displayName = 'QueueMenu';
static rerenderViz = true;
MIT
This heavily relied on react-render-visualizer for inspiration, and their license is available at LICENSE
FAQs
Render visualizer for ReactJS
The npm package react-transform-render-visualizer receives a total of 228 weekly downloads. As such, react-transform-render-visualizer popularity was classified as not popular.
We found that react-transform-render-visualizer demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
Threat actors hijacked Toptal’s GitHub org, publishing npm packages with malicious payloads that steal tokens and attempt to wipe victim systems.
Research
/Security News
Socket researchers investigate 4 malicious npm and PyPI packages with 56,000+ downloads that install surveillance malware.
Security News
The ongoing npm phishing campaign escalates as attackers hijack the popular 'is' package, embedding malware in multiple versions.