Research
Security News
Malicious npm Package Typosquats react-login-page to Deploy Keylogger
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
tsx
Advanced tools
Package description
The tsx npm package is a CLI tool for running TypeScript and TSX files directly without pre-compilation. It's essentially a TypeScript execution and REPL for node.js, similar to how `node` works for JavaScript. It allows developers to quickly run scripts and prototypes written in TypeScript, including support for TSX (TypeScript with JSX syntax), which is commonly used in React development.
Execute TypeScript files directly
Allows you to run a TypeScript file directly from the command line without needing to compile it first. This is particularly useful for quick scripts or during development.
tsx script.ts
REPL mode
Launches a REPL (Read-Eval-Print Loop) where you can type and execute TypeScript code interactively. This is useful for testing small snippets of code quickly.
tsx
Support for TSX
Enables execution of TSX files, which is TypeScript with JSX syntax. This is particularly useful for React developers who want to test components or scripts that include JSX.
tsx component.tsx
ts-node is a very popular package that offers similar functionality to tsx. It provides the ability to execute TypeScript files directly and use TypeScript in a REPL environment. ts-node is widely used in the TypeScript community for development and scripting. Compared to tsx, ts-node has been around longer and has a larger user base, but both aim to simplify the TypeScript development workflow by removing the compilation step.
esbuild-runner offers a way to run TypeScript (and JavaScript) files using the esbuild bundler/compiler. It's focused on providing extremely fast compilation and execution, leveraging esbuild's performance. While esbuild-runner and tsx share the goal of simplifying the execution of TypeScript files, esbuild-runner emphasizes speed and is part of the broader ecosystem around the esbuild project.
Readme
Node.js runtime that can instantaneously load TypeScript & ESM, powered by esbuild.
.cjs
& .mjs
(.cts
& .mts
)node:
import prefixesnpm install --save-dev tsx
Install it globally to use it anywhere, outside of your npm project, without npx.
npm install --global tsx
Note: Commands are prefixed with
npx
to execute thetsx
binary, but it's not necessary if globally installed or when using it in thescript
object inpackage.json
npx tsx ./file.ts
Run file and automatically re-run on changes.
All imported files are watched except from the following directories:
node_modules
, bower_components
, vendor
, dist
, and .*
(hidden directories).
Press Return to manually re-run.
npx tsx watch ./file.ts
Modules transformations are cached in the system cache directory (TMPDIR
). Transforms are cached by content hash so duplicate dependencies are not re-transformed.
Set the --no-cache
flag to disable the cache:
npx tsx --no-cache ./file.ts
@esbuild-kit/esm-loader - TypeScript to ESM transpiler using the Node.js loader API.
@esbuild-kit/cjs-loader - TypeScript & ESM to CJS transpiler using the Node.js loader API.
FAQs
Unknown package
The npm package tsx receives a total of 2,400,434 weekly downloads. As such, tsx popularity was classified as popular.
We found that tsx demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
Security News
The JavaScript community has launched the e18e initiative to improve ecosystem performance by cleaning up dependency trees, speeding up critical parts of the ecosystem, and documenting lighter alternatives to established tools.
Product
Socket now supports four distinct alert actions instead of the previous two, and alert triaging allows users to override the actions taken for all individual alerts.