Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
TSUN, a TypeScript Upgraded Node, supports a REPL and interpreter for TypeScript. When invoked without ts file argument, TSUN works as a repl where you can type in expression. When you pass ts file to TSUN in command line argument, TSUN will automatically run it with invisible compilation.
node
npm install -g tsun
tsun
tsun path/to/app.ts
:help
-h
or --help
optionWhen used as interpreter, tsun will create a temporary directory as output directory and create a node process to execute compiled js.
So it is usually a problem to correctly resolve node_modules
path or definition file like *.d.ts
.
Currently, tsun make two symbolic links for node_modules
and typings
directories in temporary directory, conventionally.
Custom definition files and JavaScript library support will be added in next releases.
Keyword Highlight
Tab-completion
Multiple Line Editing, typing double blank lines will escape from Multiple line mode
Paste Mode
Definition Lookup
And there is more for your exploration...
If you need these, please let me know by making issues!
FAQs
TSUN: a repl for TypeScript Upgraded Node
The npm package tsun receives a total of 304 weekly downloads. As such, tsun popularity was classified as not popular.
We found that tsun demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.