Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
rocambole-linebreak
Advanced tools
Helpers to manipulate rocambole
LineBreak
tokens.
Used mainly by esformatter and its plugins.
1
till 99
): "add or keep [n]
line breaks".-1
: keep original line breaks.">2"
: add linebreaks until it's over 2
.">=1"
: add line breaks until it's equal or greater than 1
."<2"
: remove linebreaks until it's smaller than 2
."<=1"
: remove/add line breaks until it's smaller or equal to 1
.var br = require('rocambole-linebreak');
setOptions
is just a way to store some constants so later on the
limit
/limitBefore
/limitAfter
you can reference the values by Id.
setOptions({
// sets "value" used by `LineBreak` tokens (defaults to `"\n"`)
value: '\n',
// values inside "before" are used by `limitBefore`
before: {
// setting to `0` will remove all line breaks before the token
parenthesis: 0
},
// values inside "after" are used by `limitAfter`
after: {
// setting to `1` will add/keep a single `LineBreak` after the token
parenthesis: 1
}
});
Important: calling this method will override all the options.
limits the amount of LineBreak
before a given token.
// remove all line breaks before `node.startToken`
limitBefore(node.startToken, 0);
// add/keep 2 line breaks before `node.startToken`
limitBefore(node.startToken, 2);
// add/keep more than 1 line break
limitBefore(node.startToken, '>1');
// keep 2 line breaks or more
limitBefore(node.startToken, '>=2');
// keep less than 3 line breaks
limitBefore(node.startToken, '<3');
// will use value stored on `setOptions` for `before.parenthesis`
limitBefore(node.startToken, 'parenthesis');
// values smaller than zero are ignored (this won't change anything)
limitBefore(node.startToken, -1);
limits the amount of LineBreak
after a given token.
// remove all line breaks after `node.startToken`
limitAfter(node.startToken, 0);
// add/keep 1 line break after `node.startToken`
limitAfter(node.startToken, 1);
// add/keep more than 1 line break
limitAfter(node.startToken, '>1');
// keep 2 line breaks or more
limitAfter(node.startToken, '>=2');
// keep less than 3 line breaks
limitAfter(node.startToken, '<3');
// will use value stored on `setOptions` for `after.parenthesis`
limitAfter(node.startToken, 'parenthesis');
// values smaller than zero are ignored (this won't change anything)
limitAfter(node.startToken, -1);
limits the amount of LineBreak
around a given token.
// add/keep 1 line break before and after `node.startToken`
limit(node.startToken, 1);
// it's just an alias to
limitBefore(node.startToken, 1);
limitAfter(node.startToken, 1);
limits the amount of line breaks at the end of the AST.
// at least one line break at the end of the file
limitBeforeEndOfFile(ast, 1);
// if you don't pass the `typeOrValue` it will use "EndOfFile" as the type
limitBeforeEndOfFile(ast);
reads value stored during setOptions
for a given type
, or returns -1
if
not found.
assert( expectedBefore('parenthesis') === 0 );
reads value stored during setOptions
for a given type
, or returns -1
if
not found.
assert( expectedAfter('parenthesis') === 1 );
This module uses debug internally. To
make it easier to identify what is wrong we sometimes run the esformatter tests
with a DEBUG
flag, like:
DEBUG=rocambole:br:* npm test
Released under the MIT License
FAQs
helpers for rocambole AST line break manipulation
The npm package rocambole-linebreak receives a total of 0 weekly downloads. As such, rocambole-linebreak popularity was classified as not popular.
We found that rocambole-linebreak demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.