Research
Security News
Kill Switch Hidden in npm Packages Typosquatting Chalk and Chokidar
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
Resolve and parse tsconfig.json
, replicating TypeScript's behaviour.
See the TypeScript docs for information on setting up tsconfig.json
.
tsconfig.json
, like TypeScript, allowing a path to be specified and falling back to recursively resolving tsconfig.json
upward when no path is specified.resolve
.tsconfig.json
upward.find
.tsconfig.json
.load
.tsconfig.json
(strip BOM, parse JSON and support empty contents).readFile
.tsconfig.json
(strip BOM, parse JSON and support empty contents).Feel free to open issues for discussion.
# Install dependencies/typings.
npm install
# Run test suite.
npm test
MIT License
FAQs
Resole and parse `tsconfig.json`, replicating to TypeScript's behaviour
The npm package tsconfig receives a total of 1,638,589 weekly downloads. As such, tsconfig popularity was classified as popular.
We found that tsconfig demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
Product
Socket now supports uv.lock files to ensure consistent, secure dependency resolution for Python projects and enhance supply chain security.