Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
The ts-node npm package is a TypeScript execution engine and REPL for Node.js. It allows developers to run TypeScript files directly without precompiling them to JavaScript. This is particularly useful for development purposes where you can execute scripts or run a REPL environment without an additional build step.
Execute TypeScript files
Run a TypeScript file directly from the command line without prior compilation.
ts-node script.ts
REPL
Start a TypeScript REPL (Read-Eval-Print Loop) to execute TypeScript code interactively.
ts-node
Transpile Only Mode
Run TypeScript files without type checking for faster execution, suitable for development.
ts-node --transpile-only script.ts
Type Checking
Enable type checking when running a TypeScript file, ensuring that the code adheres to the defined types.
ts-node --type-check script.ts
Integration with Testing Frameworks
Use ts-node to run TypeScript tests with Mocha or other Node.js testing frameworks.
mocha --require ts-node/register tests/**/*.spec.ts
esbuild-register uses the esbuild bundler to transpile TypeScript and JavaScript files on the fly. It is known for its speed and efficiency compared to ts-node, which can be slower due to its full type checking.
babel-node is a part of the Babel toolchain that allows running TypeScript and modern JavaScript directly. It is similar to ts-node but uses Babel for transpilation, which can be more configurable and supports a wider range of JavaScript features and experimental syntax.
sucrase-node is a development tool that allows super-fast development builds. It is similar to ts-node but focuses on speed by avoiding full type checking and supporting a subset of TypeScript features.
swc-node is a TypeScript/JavaScript compiler that uses SWC, a super-fast compiler written in Rust. It is designed to be a faster alternative to ts-node, especially for larger codebases.
TypeScript execution environment and REPL for node. Works with
typescript@>=1.5
.
npm install -g ts-node
# Install a TypeScript compiler (requires `typescript` by default).
npm install -g typescript
.d.ts
files from tsconfig.json
# Execute a script as you world normally with `node`.
ts-node script.ts
# Starts the TypeScript REPL.
ts-node
# Execute code with TypeScript.
ts-node -e 'console.log("Hello, world!")'
# Execute, and print, code with TypeScript.
ts-node -p '"Hello, world!"'
# Pipe scripts to execute with TypeScript.
echo "console.log('Hello, world!')" | ts-node
mocha --compilers ts:ts-node/register,tsx:ts-node/register [...args]
ts-node node_modules/tape/bin/tape [...args]
# Just create a `gulpfile.ts` and run `gulp`.
gulp
TypeScript Node works by registering the TypeScript compiler for the .ts
, .tsx
and - when allowJs
is enabled - .js
extensions. When node.js has a file extension registered (the require.extensions
object), it will use the extension internally with module resolution. By default, when an extension is unknown to node.js, it will fallback to handling the file as .js
(JavaScript).
P.S. This means that if you don't register an extension, it'll be compiled as JavaScript. When ts-node
is used with allowJs
, JavaScript files are transpiled using the TypeScript compiler.
tsconfig.json
Typescript Node uses tsconfig.json
automatically, use -n
to skip loading tsconfig.json
.
You can set options by passing them in before the script.
ts-node --compiler ntypescript --project src --ignoreWarnings 2304 hello-world.ts
tsconfig.json
from (or false
to disable) (also process.env.TS_NODE_PROJECT
)typescript@>=1.5.0-alpha
(also process.env.TS_NODE_COMPILER
)ts-node
to skip compiling as TypeScript (defaults to /node_modules/
, false
to disable) (also process.env.TS_NODE_IGNORE
)process.env.TS_NODE_IGNORE_WARNINGS
)process.env.TS_NODE_DISABLE_WARNINGS
)--compilerOptions '{"target":"es6"}'
) (also process.env.TS_NODE_COMPILER_OPTIONS
)transpileModule
mode (no type checking, but faster compilation) (also process.env.TS_NODE_FAST
).ts
fileprocess.env.TS_NODE_CACHE
)process.env.TS_NODE_CACHE_DIRECTORY
)require('ts-node').register({ /* options */ })
// Or using the shortcut file.
require('ts-node/register')
This will register the TypeScript compiler for "on the fly" compilation support of .ts
and .tsx
files during the run
of the script. From here you can use require
to bring in modules from TypeScript files:
var someModule = require('path_to_a_typescript_file');
MIT
FAQs
TypeScript execution environment and REPL for node.js, with source map support
The npm package ts-node receives a total of 0 weekly downloads. As such, ts-node popularity was classified as not popular.
We found that ts-node demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.