Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
A super tiny version of chalk, loading in ~1ms instead of ~10ms for chalk (YMMV)
This is convenient when you are in a controlled environment (that is that you don't need all the supports-color
detection chalk
provides)
# ES module
npm install tiny-chalk
# CommonJS
npm install tiny-chalk@v2
import { red, bold, bgBlack } from 'tiny-chalk'
console.log(red('Hello world!'))
console.log(bold(bgBlack(red('Hello world again!'))))
// style
reset
bold
dim
italic
underline
inverse
hidden
strikethrough
// front color
black
red
green
yellow
blue
magenta
cyan
white
grey
redBright
greenBright
yellowBright
blueBright
magentaBright
cyanBright
whiteBright
// back color
bgBlack
bgRed
bgGreen
bgYellow
bgBlue
bgMagenta
bgCyan
bgWhite
bgGrey
bgRedBright
bgGreenBright
bgYellowBright
bgBlueBright
bgMagentaBright
bgCyanBright
bgWhiteBright
FAQs
A super tiny version of chalk
We found that tiny-chalk demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.