Security News
RubyGems.org Adds New Maintainer Role
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
The 'sorcery' npm package is used for working with source maps. It allows you to resolve, manipulate, and generate source maps, which are crucial for debugging minified JavaScript code.
Resolve Source Maps
This feature allows you to resolve the source maps for a given file. The code sample demonstrates how to load a file and resolve its source maps, then write the resolved source maps back to the file.
const sorcery = require('sorcery');
sorcery.load('path/to/your/file.js').then(function (chain) {
chain.write();
});
Generate Source Maps
This feature allows you to generate new source maps for a given file. The code sample shows how to load a file, generate source maps with the content included, and write the new source maps back to the file.
const sorcery = require('sorcery');
sorcery.load('path/to/your/file.js').then(function (chain) {
chain.apply({ includeContent: true }).write();
});
Manipulate Source Maps
This feature allows you to manipulate existing source maps. The code sample demonstrates how to load a file, apply changes to its source maps, and write the manipulated source maps to a new destination file.
const sorcery = require('sorcery');
sorcery.load('path/to/your/file.js').then(function (chain) {
chain.apply({ includeContent: true });
chain.write({ dest: 'path/to/output/file.js' });
});
The 'source-map' package provides a library to generate and consume source maps. It is more low-level compared to 'sorcery' and requires more manual handling of source maps.
The 'gulp-sourcemaps' package is a plugin for Gulp that simplifies working with source maps in a Gulp build pipeline. It is more integrated into the Gulp ecosystem and provides a more streamlined experience for Gulp users.
Webpack is a module bundler that has built-in support for generating source maps. It is a more comprehensive tool that handles module bundling, asset management, and source map generation as part of its build process.
Sourcemaps are great - if you have a JavaScript file, and you minify it, your minifier can generate a map that lets you debug as though you were looking at the original uncompressed code.
But if you have more than one transformation - say you want to transpile your JavaScript, concatenate several files into one, and minify the result - it gets a little trickier. Each intermediate step needs to be able to both ingest a sourcemap and generate one, all the time pointing back to the original source.
Most compilers don't do that. (UglifyJS is an honourable exception.) So when you fire up devtools, instead of looking at the original source you find yourself looking at the final intermediate step in the chain of transformations.
Sorcery aims to fix that. Given an file at the end of a transformation chain (e.g., your minified JavaScript), it will follow the entire chain back to the original source, and generate a new sourcemap that describes the whole process. How? Magic.
This is a work-in-progress - suitable for playing around with, but don't rely on it to debug air traffic control software or medical equipment. Other than that, it can't do much harm.
npm install sorcery
API still in flux, lots of work to do... instructions coming soon! Try cloning this repo and looking inside the test
folder to get started.
MIT
0.1.1
sorcery.resolve()
fulfils with null
if the target file has no sourcemapFAQs
Resolve a chain of sourcemaps back to the original source
The npm package sorcery receives a total of 205,011 weekly downloads. As such, sorcery popularity was classified as popular.
We found that sorcery demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.
Security News
Research
Socket's threat research team has detected five malicious npm packages targeting Roblox developers, deploying malware to steal credentials and personal data.