
Research
/Security News
Compromised npm Packages in the AsyncAPI Namespace Deliver Miasma Botnet Loader
4 compromised asyncapi packages deliver miasma botnet loader on macOS, Linux and Windows.
try-catch.macro
Advanced tools
在项目开发中经常会遇到一些错误没有抛出,导致无法定位问题。希望通过一种简单的方法来对函数进行try catch包装。
通过babel-plugin-marcos来进行按需的转换,而不是通过babel的插件进行全局的替换。
装饰器语法对于单纯的函数没法处理,所以这里就选用了flow的语法。使用flow的语法来对需要转换的方法进行标记,在语法方法可能不太符合flow的标准。
npm install --save-dev babel-plugin-macros try-catch.macro @babel/preset-flow
yarn add babel-plugin-macros try-catch.macro @babel/preset-flow --dev
因为使用了flow的语法进行函数标记,所以需要安装@babel/preset-flow来对flow的语法进行处理
// babel.config.js add babel-plugin-macros and @babel/preset-flow
plugins = ['babel-plugin-macros'];
presets = ['@babel/preset-flow'];
import { TryCatch } from 'try-catch.macro';
var a = (b): TryCatch => {
return b;
}
class Test {
print = (): TryCatch => {
const data = this.getData();
return data;
}
}
↓ ↓ ↓ ↓ ↓ ↓
var a = (b) => {
try {
return b;
} catch(e) {
console.error(e);
}
}
class Test {
print = () => {
try {
const data = this.getData();
return data;
} catch(e) {
console.log(e);
}
}
}
import { TryCatch } from 'try-catch.macro';
var a = (b): TryCatch => {
try {
return b;
} catch(e) {
console.log(e);
}
}
↓ ↓ ↓ ↓ ↓ ↓
var a = (b) => {
try {
return b;
} catch(e) {
console.log(e);
}
}
对于非函数或者函数已经被try catch包裹了一层,不会进行处理
FAQs
A Babel macro that removes console prints in production
We found that try-catch.macro demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Research
/Security News
4 compromised asyncapi packages deliver miasma botnet loader on macOS, Linux and Windows.

Research
/Security News
A compromised jscrambler npm release added a malicious preinstall hook that runs hidden native binaries on Linux, macOS, and Windows.

Research
/Security News
A malicious .NET package is typosquatting the Braintree SDK to steal live payment card data, merchant API keys, and host secrets from production apps.